Movatterモバイル変換

[0]ホーム
URL:

US11159510B2 - Utilizing federated user identifiers to enable secure information sharing - Google Patents

Utilizing federated user identifiers to enable secure information sharingDownload PDF

Info

Publication number
US11159510B2
US11159510B2US16/210,117US201816210117AUS11159510B2US 11159510 B2US11159510 B2US 11159510B2US 201816210117 AUS201816210117 AUS 201816210117AUS 11159510 B2US11159510 B2US 11159510B2
Authority
US
United States
Prior art keywords
user
platform
computing device
client computing
external application
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active, expires
Application number
US16/210,117
Other versions
US20200186518A1 (en
Inventor
Hitesh Shah
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Bank of America Corp
Original Assignee
Bank of America Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Bank of America CorpfiledCriticalBank of America Corp
Priority to US16/210,117priorityCriticalpatent/US11159510B2/en
Assigned to BANK OF AMERICA CORPORATIONreassignmentBANK OF AMERICA CORPORATIONASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS).Assignors: SHAH, HITESH
Publication of US20200186518A1publicationCriticalpatent/US20200186518A1/en
Priority to US17/447,304prioritypatent/US12355750B2/en
Application grantedgrantedCritical
Publication of US11159510B2publicationCriticalpatent/US11159510B2/en
Activelegal-statusCriticalCurrent
Adjusted expirationlegal-statusCritical

Links

Images

Classifications

Definitions

Landscapes

Abstract

Aspects of the disclosure relate to utilizing federated user identifiers to enable secure information sharing. A computing platform may receive, from an external application host platform, a federated login request comprising user identification information associated with a user account. Based on receiving the federated login request, the computing platform may send, to a client computing device linked to the user account, a push notification prompting a user of the client computing device to authenticate. Then, the computing platform may authenticate the user of the client computing device to the user account. Based on authenticating the user, the computing platform may generate an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform and may send the orchestration message to the data hub platform to initiate a transfer of external information associated with the user of the client computing device.

Description

BACKGROUND
Aspects of the disclosure relate to providing information security and preventing unauthorized access to resources of an information system. In particular, one or more aspects of the disclosure relate to preventing unauthorized access to information resources by utilizing federated user identifiers to enable secure information sharing.
As organizations increasingly provide electronic portals via which various users may access, view, and/or modify information, including client information, ensuring the safety and security of information maintained by such organizations and/or made available via such portals is increasingly important. In many instances, however, it may be difficult to ensure the safety and security of such information while also optimizing the efficient and effective technical operations of the computer systems that maintain such information and/or provide such portals.
SUMMARY
Aspects of the disclosure provide effective, efficient, scalable, and convenient technical solutions that address and overcome the technical problems associated with providing information security and preventing unauthorized access to resources of an information system by utilizing federated user identifiers to enable secure information sharing.
In accordance with one or more embodiments, a computing platform having at least one processor, a communication interface, and memory may receive, via the communication interface, from an external application host platform, a first federated login request comprising first user identification information associated with a first user account. Based on receiving the first federated login request comprising the first user identification information associated with the first user account, the computing platform may send, via the communication interface, to a first client computing device linked to the first user account, a first push notification prompting a user of the first client computing device to authenticate. Subsequently, the computing platform may authenticate the user of the first client computing device to the first user account. Based on authenticating the user of the first client computing device to the first user account, the computing platform may generate an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform. Then, the computing platform may send, via the communication interface, to the data hub platform, the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform. In addition, sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform may cause the data hub platform to initiate a transfer of external information associated with the user of the first client computing device and maintained on at least one external data source server from the at least one external data source server to the external application host platform.
In some embodiments, sending the first push notification prompting the user of the first client computing device to authenticate may cause the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a client portal hosted by an account portal computing platform.
In some embodiments, sending the first push notification prompting the user of the first client computing device to authenticate may cause the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a mobile application associated with a client portal hosted by an account portal computing platform.
In some embodiments, authenticating the user of the first client computing device to the first user account may include validating one or more of a username received from the user of the first client computing device, a password received from the user of the first client computing device, a one-time passcode received from the user of the first client computing device, biometric input received from the user of the first client computing device, or security question input received from the user of the first client computing device.
In some embodiments, prior to generating the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, the computing platform may send, via the communication interface, to the first client computing device linked to the first user account, a second push notification prompting the user of the first client computing device to consent to user-specific information being shared with the external application host platform.
In some embodiments, after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, the computing platform may initiate a transfer of internal information associated with the user of the first client computing device to the external application host platform.
In some embodiments, a first portion of the internal information associated with the user of the first client computing device may be maintained on an account portal computing platform. In addition, initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform may include: generating at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform; and sending, via the communication interface, to the account portal computing platform, the at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform.
In some embodiments, a second portion of the internal information associated with the user of the first client computing device may be maintained on enterprise server infrastructure. In addition, initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform may include: generating at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform; and sending, via the communication interface, to the enterprise server infrastructure, the at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform.
In some embodiments, the internal information associated with the user of the first client computing device may include entity verification data attesting to successful authentication of the user of the first client computing device to the first user account by the computing platform. In some embodiments, the internal information associated with the user of the first client computing device may include registered contact information associated with the user of the first client computing device. In some embodiments, the internal information associated with the user of the first client computing device may include account information associated with the user of the first client computing device. In some embodiments, the internal information associated with the user of the first client computing device may include historical information associated with the user of the first client computing device. In some embodiments, the internal information associated with the user of the first client computing device may include timing information associated with the user of the first client computing device.
In some embodiments, after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, the computing platform may update a subscription database to indicate that user-specific data associated with the first user account has been shared with the external application host platform.
In some embodiments, updating the subscription database to indicate that the user-specific data associated with the first user account has been shared with the external application host platform may cause an account portal computing platform to provide at least one subscription manager interface to the first client computing device. In some embodiments, the at least one subscription manager interface provided to the first client computing device may include a user-selectable option to revoke access to the user-specific data associated with the first user account from the external application host platform.
In some embodiments, the computing platform may receive, via the communication interface, from the external application host platform, a second federated login request comprising second user identification information associated with a second user account. Subsequently, the computing platform may determine that the second user account is hosted by a second organization different from a first organization that hosts the first user account. Based on determining that the second user account is hosted by the second organization different from the first organization that hosts the first user account, the computing platform may route the second federated login request comprising the second user identification information associated with the second user account to an authentication server associated with the second organization via the data hub platform.
These features, along with many others, are discussed in greater detail below.
BRIEF DESCRIPTION OF THE DRAWINGS
The present disclosure is illustrated by way of example and not limited in the accompanying figures in which like reference numerals indicate similar elements and in which:
FIGS. 1A and 1B depict an illustrative computing environment for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments;
FIGS. 2A-2D depict an illustrative event sequence for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments;
FIGS. 3-6 depict example graphical user interfaces for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments; and
FIG. 7 depicts an illustrative method for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments.
DETAILED DESCRIPTION
In the following description of various illustrative embodiments, reference is made to the accompanying drawings, which form a part hereof, and in which is shown, by way of illustration, various embodiments in which aspects of the disclosure may be practiced. It is to be understood that other embodiments may be utilized, and structural and functional modifications may be made, without departing from the scope of the present disclosure.
It is noted that various connections between elements are discussed in the following description. It is noted that these connections are general and, unless specified otherwise, may be direct or indirect, wired or wireless, and that the specification is not intended to be limiting in this respect.
Some aspects of the disclosure relate to implementing federated user identifiers linked to online banking. For example, a user may start in a first third-party application and make a selection to initiate a request or transaction. Instead of filling out a form in the first third-party application, the user may select to sign in with a bank-managed federated identifier. The user may enter their phone number, which may trigger a push notification to be sent to the user's device (e.g., via a centralized hub server associated with the bank). The push notification may prompt the user to open their mobile banking application and authenticate. Once the user is authenticated, the mobile banking application may prompt the user to consent to share their bank data, along with third-party data associated with at least a second third-party entity (e.g., credit score, mobile phone data, or the like), with the first third-party providing the first third-party application. Subsequently, the mobile banking application may trigger and/or orchestrate a transfer of validated data (e.g., from one or more bank servers and/or second third-party servers to one or more first third-party servers) via the centralized hub server. Then, the user may complete the request or transaction in the first third-party application without further data entry and/or identity verification. In some instances, a subscription manager feature may be layered on top of this technology to enable the user to unsubscribe from one or more automatically detected subscriptions associated with recurring charges to the user's account(s).
FIGS. 1A and 1B depict an illustrative computing environment for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments. Referring toFIG. 1A,computing environment100 may include one or more computer systems. For example,computing environment100 may include a clientauthentication computing platform110, an accountportal computing platform120,enterprise server infrastructure125, aclient computing device130, an externalapplication host platform140, adata hub platform150, and at least one externaldata source server160.
As illustrated in greater detail below, clientauthentication computing platform110 may include one or more computing devices configured to perform one or more of the functions described herein. For example, clientauthentication computing platform110 may include one or more computers (e.g., laptop computers, desktop computers, servers, server blades, or the like).
Accountportal computing platform120 may include one or more computing devices and/or other computer components (e.g., processors, memories, communication interfaces). In addition, and as illustrated in greater detail below, accountportal computing platform120 may be configured to generate, host, transmit, and/or otherwise provide one or more web pages and/or other graphical user interfaces (which may, e.g., cause one or more other computer systems to display and/or otherwise present the one or more web pages and/or other graphical user interfaces). In some instances, the web pages and/or other graphical user interfaces generated by accountportal computing platform120 may be associated with a client portal provided by an organization, such as an online banking portal or a mobile banking portal provided by a financial institution. Such a portal may, for instance, provide customers of the financial institution with access to financial account information (e.g., account balance information, account statements, recent transaction history information, or the like) and/or may provide customers of the financial institution with menus, controls, and/or other options to schedule and/or execute various transactions (e.g., online bill pay transactions, person-to-person funds transfer transactions, or the like).
Enterprise server infrastructure125 may include one or more computing devices and/or other computer components (e.g., processors, memories, communication interfaces). In addition, and as illustrated in greater detail below,enterprise server infrastructure125 may be configured to provide various enterprise and/or back-office computing functions for an organization, such as a financial institution. For example,enterprise server infrastructure125 may include various servers and/or databases that store and/or otherwise maintain account information, such as financial account information including account balances, transaction history, account owner information, and/or other information. In addition,enterprise server infrastructure125 may process and/or otherwise execute transactions on specific accounts based on commands and/or other information received from accountportal computing platform120 and/or other computer systems included incomputing environment100.
Client computing device130 may be a personal computing device (e.g., desktop computer, laptop computer) or mobile computing device (e.g., smartphone, tablet). In addition,client computing device130 may be linked to and/or used by a specific user (e.g., of a client portal provided by account portal computing platform120).
Externalapplication host platform140 may include one or more computing devices and/or other computer components (e.g., processors, memories, communication interfaces). In addition, and as illustrated in greater detail below, externalapplication host platform140 may be configured to provide a hosted web application and/or other web services to various users, including the user ofclient computing device130. The hosted web application and/or other web services provided by externalapplication host platform140 may be provided by and/or otherwise associated with an entity different from an organization operating clientauthentication computing platform110, accountportal computing platform120, and/orenterprise server infrastructure125. For instance, clientauthentication computing platform110, accountportal computing platform120, and/orenterprise server infrastructure125 may be operated by and/or otherwise associated with a financial institution, and externalapplication host platform140 may be operated by and/or otherwise associated with a third-party service provider (e.g., an internet service provider, a mobile telephone provider, a vacation rental company, or another type of company) different from the financial institution.
Data hub platform150 may include one or more computing devices and/or other computer components (e.g., processors, memories, communication interfaces). In addition, and as illustrated in greater detail below,data hub platform150 may be configured to orchestrate and/or otherwise execute data transfers from various source servers to various target servers, where the source servers and target servers are associated with different entities. In some instances,data hub platform150 may operate as a central hub server that facilitates information sharing between different financial institutions (which may, e.g., include a financial institution operating clientauthentication computing platform110, accountportal computing platform120, and/or enterprise server infrastructure125) and/or other entities (e.g., internet service providers, mobile telephone providers, vacation rental companies, and/or other types of organizations) based on federated identifiers that are created, validated, and/or authenticated by the each financial institution of the different financial institutions.
Externaldata source server160 may include one or more computing devices and/or other computer components (e.g., processors, memories, communication interfaces). In addition, and as illustrated in greater detail below, externaldata source server160 may be configured to transfer and/or otherwise share information with other servers and/or externalapplication host platform140 based on orchestration requests received fromdata hub platform150.
Computing environment100 also may include one or more networks, which may interconnect one or more of clientauthentication computing platform110, accountportal computing platform120,enterprise server infrastructure125,client computing device130, externalapplication host platform140,data hub platform150, and/or externaldata source server160. For example,computing environment100 may include a private network170 (which may, e.g., interconnect clientauthentication computing platform110, accountportal computing platform120,enterprise server infrastructure125, and/or one or more other systems which may be associated with an organization, such as a financial institution) and public network180 (which may, e.g., interconnectclient computing device130, externalapplication host platform140,data hub platform150, and externaldata source server160 withprivate network170 and/or one or more other systems, public networks, sub-networks, and/or the like).
In one or more arrangements,client computing device130, externalapplication host platform140,data hub platform150, externaldata source server160, and/or the other systems included incomputing environment100 may be any type of computing device capable of receiving a user interface, receiving input via the user interface, and communicating the received input to one or more other computing devices. For example,client computing device130, externalapplication host platform140,data hub platform150, externaldata source server160, and/or the other systems included incomputing environment100 may, in some instances, be and/or include server computers, desktop computers, laptop computers, tablet computers, smart phones, or the like that may include one or more processors, memories, communication interfaces, storage devices, and/or other components. As noted above, and as illustrated in greater detail below, any and/or all of clientauthentication computing platform110, accountportal computing platform120,enterprise server infrastructure125,client computing device130, externalapplication host platform140,data hub platform150, and externaldata source server160 may, in some instances, be special-purpose computing devices configured to perform specific functions.
Referring toFIG. 1B, clientauthentication computing platform110 may include one ormore processors111,memory112, andcommunication interface113. A data bus may interconnectprocessor111,memory112, andcommunication interface113.Communication interface113 may be a network interface configured to support communication between clientauthentication computing platform110 and one or more networks (e.g.,network170,network180, or the like).Memory112 may include one or more program modules having instructions that when executed byprocessor111 cause clientauthentication computing platform110 to perform one or more functions described herein and/or one or more databases that may store and/or otherwise maintain information which may be used by such program modules and/orprocessor111. In some instances, the one or more program modules and/or databases may be stored by and/or maintained in different memory units of clientauthentication computing platform110 and/or by different computing devices that may form and/or otherwise make up clientauthentication computing platform110. For example,memory112 may have, store, and/or include aclient authentication module112a, aclient authentication database112b, and a client authenticationmachine learning engine112c.Client authentication module112amay have instructions that direct and/or cause clientauthentication computing platform110 to control access to resources of an information system by utilizing federated user identifiers to enable secure information sharing, as discussed in greater detail below.Client authentication database112bmay store information used byclient authentication module112aand/or clientauthentication computing platform110 in controlling access to resources of an information system by utilizing federated user identifiers to enable secure information sharing and/or in performing other functions. Client authenticationmachine learning engine112cmay build and/or update one or more authentication models, one or more machine-learned user profiles, and/or one or more other machine-learned models based on captured and/or received data.
FIGS. 2A-2D depict an illustrative event sequence for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments. Referring toFIG. 2A, atstep201,client computing device130 may request one or more service pages and/or other application pages from externalapplication host platform140. For instance, externalapplication host platform140 may be operated by and/or otherwise associated with a third-party service provider (e.g., an internet service provider, a mobile telephone provider, a vacation rental company, or another type of company), andclient computing device130 may request one or more pages associated with a hosted web application and/or other web services provided by externalapplication host platform140 so as to access and/or utilize services of the third-party service provider associated with externalapplication host platform140.
Atstep202, externalapplication host platform140 may send a federated login prompt toclient computing device130. For example, atstep202, in response to receiving the request for one or more service pages and/or other application pages fromclient computing device130, externalapplication host platform140 may generate and/or send one or more user interfaces toclient computing device130 that prompt a user ofclient computing device130 to provide one or more federated login credentials to login and subsequently access the one or more service pages and/or other application pages.
At step203,client computing device130 may send user identification information to externalapplication host platform140. For example, at step203,client computing device130 may send user identification information to externalapplication host platform140 in response to the federated login prompt received from externalapplication host platform140.
Atstep204, externalapplication host platform140 may send a first federated login request to clientauthentication computing platform110. For example, atstep204, after receiving the user identification information fromclient computing device130, externalapplication host platform140 may send the received user identification information and/or other information to client authentication computing platform110 (e.g., to authenticate the user ofclient computing device130 to a user account that is maintained by an organization operating clientauthentication computing platform110 and that is associated with the received user identification information, so as to enable information sharing, as illustrated below).
Referring toFIG. 2B, atstep205, clientauthentication computing platform110 may receive the first federated login request from externalapplication host platform140. For example, atstep205, clientauthentication computing platform110 may receive, via the communication interface (e.g., communication interface113), from an external application host platform (e.g., external application host platform140), a first federated login request comprising first user identification information associated with a first user account. For instance, externalapplication host platform140 may be operated by and/or otherwise associated with an entity different from the organization operating clientauthentication computing platform110, such as a vacation rental company different from a financial institution operating clientauthentication computing platform110. In addition, the user ofclient computing device130 may have started in an application and/or web interface provided by externalapplication host platform140 to sign up for and/or otherwise request services from the organization operating externalapplication host platform140, and the user ofclient computing device130 may have entered identification information that is validated by and/or otherwise associated with the financial institution operating clientauthentication computing platform110, so as to use a federated login identifier provided by the financial institution operating clientauthentication computing platform110 with the service and/or entity associated with externalapplication host platform140. In some instances, the service provided by externalapplication host platform140 and/or the entity associated with externalapplication host platform140 may be a subscription service to which the user ofclient computing device130 is subscribing, such as a software subscription service, a home services subscription service, or the like, and the financial institution operating clientauthentication computing platform110 may provide interfaces and/or other tools for managing the subscription once information sharing is enabled, as discussed in greater detail below. In some instances, the first user identification information associated with the first user account (which may, e.g., be received by clientauthentication computing platform110 at step205) may be and/or include a mobile telephone number associated with the user ofclient computing device130, an online banking username, one or more other unique identifiers and/or credentials, or the like.
At step206, clientauthentication computing platform110 may send an authentication push notification toclient computing device130. For example, at step206, based on receiving the first federated login request comprising the first user identification information associated with the first user account, clientauthentication computing platform110 may send, via the communication interface (e.g., communication interface113), to a first client computing device (e.g., client computing device130) linked to the first user account, a first push notification prompting a user of the first client computing device (e.g., client computing device130) to authenticate.
In some embodiments, sending the first push notification prompting the user of the first client computing device to authenticate may cause the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a client portal hosted by an account portal computing platform. For example, by sending the first push notification prompting the user of the first client computing device (e.g., client computing device130) to authenticate at step206, clientauthentication computing platform110 may cause the first client computing device (e.g., client computing device130) linked to the first user account to present a notification prompting the user of the first client computing device (e.g., client computing device130) to login to a client portal hosted by an account portal computing platform (e.g., account portal computing platform120). For instance, clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a prompt asking the user ofclient computing device130 to login to an online banking portal hosted by accountportal computing platform120.
In some embodiments, sending the first push notification prompting the user of the first client computing device to authenticate may cause the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a mobile application associated with a client portal hosted by an account portal computing platform. For example, by sending the first push notification prompting the user of the first client computing device (e.g., client computing device130) to authenticate at step206, clientauthentication computing platform110 may cause the first client computing device (e.g., client computing device130) linked to the first user account to present a notification prompting the user of the first client computing device (e.g., client computing device130) to login to a mobile application associated with a client portal hosted by an account portal computing platform (e.g., account portal computing platform120). For instance, clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a prompt asking the user ofclient computing device130 to login to a mobile banking application associated with the online banking portal hosted by accountportal computing platform120. In some instances, in sending such a notification toclient computing device130, clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a graphical user interface similar tographical user interface300, which is illustrated inFIG. 3. As seen inFIG. 3,graphical user interface300 may include text and/or other information associated with the federated login request and the associated data sharing (e.g., “We have received a request to authenticate you to your online banking account and enable external information sharing, which will allow you to use your online banking account with: {External Application} hosted by {Third Party Entity}.”) as well as information prompting the user to authenticate (e.g., “Please click here to launch mobile banking and login. If you didn't initiate this request, please click here.”).
At step207, clientauthentication computing platform110 may authenticate the user ofclient computing device130. For example, at step207, clientauthentication computing platform110 may authenticate the user of the first client computing device (e.g., client computing device130) to the first user account. In some embodiments, authenticating the user of the first client computing device to the first user account may include validating one or more of a username received from the user of the first client computing device, a password received from the user of the first client computing device, a one-time passcode received from the user of the first client computing device, biometric input received from the user of the first client computing device, or security question input received from the user of the first client computing device. For example, in authenticating the user of the first client computing device (e.g., client computing device130) to the first user account, clientauthentication computing platform110 may validate one or more of a username received from the user of the first client computing device (e.g., client computing device130), a password received from the user of the first client computing device (e.g., client computing device130), a one-time passcode received from the user of the first client computing device (e.g., client computing device130), biometric input received from the user of the first client computing device (e.g., client computing device130), and/or security question input received from the user of the first client computing device (e.g., client computing device130). The biometric input received from the user ofclient computing device130 may include fingerprint biometrics, voice biometrics, face biometrics, cadence biometrics, and/or other biometrics, and may include actual biometric data captured byclient computing device130 and/or data indicating that the biometric data captured byclient computing device130 was locally validated onclient computing device130 byclient computing device130.
At step208, clientauthentication computing platform110 may send a consent push notification toclient computing device130. For example, at step208, clientauthentication computing platform110 may send, via the communication interface (e.g., communication interface113), to the first client computing device (e.g., client computing device130) linked to the first user account, a second push notification prompting the user of the first client computing device (e.g., client computing device130) to consent to user-specific information being shared with the external application host platform (e.g., external application host platform140). For instance, before generating an orchestration message directingdata hub platform150 to initiate a validated data transfer with externalapplication host platform140, clientauthentication computing platform110 may prompt the user ofclient computing device130 to consent to data sharing. In some instances, in sending such a notification toclient computing device130, clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a graphical user interface similar tographical user interface400, which is illustrated inFIG. 4. As seen inFIG. 4,graphical user interface400 may include text and/or other information describing the data sharing that may result from completion of the federated login request (e.g., “If you choose to continue and enable information sharing with {External Application}, we will share the following details with {Third Party Entity}:—Your Full Name—Your Online Banking Account ID—Your Mailing Address—Your Email Address and Phone Number”) as well as one or more selectable controls and/or other information prompting the user to consent (e.g., “Cancel; Continue”). In some instances, clientauthentication computing platform110 may wait to receive an affirmative response to the consent prompt from the user ofclient computing device130 before the event sequence proceeds. Alternatively, if the user does not provide consent, clientauthentication computing platform110 may generate and/or send one or more error messages, and the example event sequence may end.
Referring toFIG. 2C, atstep209, clientauthentication computing platform110 may generate an orchestration message. For example, atstep209, based on authenticating the user of the first client computing device (e.g., client computing device130) to the first user account, clientauthentication computing platform110 may generate an orchestration message directing a data hub platform (e.g., data hub platform150) to initiate a validated data transfer with the external application host platform (e.g., external application host platform140). For instance, the orchestration message generated by clientauthentication computing platform110 may include information indicating that a specific user was successfully authenticated by clientauthentication computing platform110, that information with the specific user's account is to be transferred to a particular target server (e.g., external application host platform140) from one or more particular sources (e.g., accountportal computing platform120,enterprise server infrastructure125, external data source server160), and/or other information.
Atstep210, clientauthentication computing platform110 may send the orchestration message todata hub platform150. For example, atstep210, clientauthentication computing platform110 may send, via the communication interface (e.g., communication interface113), to the data hub platform (e.g., data hub platform150), the orchestration message directing the data hub platform (e.g., data hub platform150) to initiate the validated data transfer with the external application host platform (e.g., external application host platform140). In addition, by sending the orchestration message directing the data hub platform (e.g., data hub platform150) to initiate the validated data transfer with the external application host platform (e.g., external application host platform140), clientauthentication computing platform110 may cause the data hub platform (e.g., data hub platform150) to initiate a transfer of external information that is associated with the user of the first client computing device (e.g., client computing device130) and that is maintained on at least one external data source server (e.g., external data source server160) from the at least one external data source server (e.g., external data source server160) to the external application host platform (e.g., external application host platform140). For instance, by sending the orchestration message, clientauthentication computing platform110 may trigger the sharing of external, third-party data (which may, e.g., be obtained from external data source server160) with externalapplication host platform140, as well as the sharing of internal, organization-maintained data (which may, e.g., be obtained accountportal computing platform120 and/or enterprise server infrastructure125) with externalapplication host platform140. In addition, this data sharing may be initiated based on the authentication that occurred at clientauthentication computing platform110, and the user ofclient computing device130 may be able to complete a request (e.g., a request for service, a transaction, or the like) on one or more pages associated with a hosted web application and/or other web services provided by externalapplication host platform140 without having to provide further authentication credentials and/or data entry to externalapplication host platform140.
Atstep211,data hub platform150 may initiate a transfer of external information from externaldata source server160 to externalapplication host platform140. For example, atstep211,data hub platform150 may generate and/or send one or more commands to externaldata source server160, based on the orchestration message received from clientauthentication computing platform110, to initiate a transfer of external information from externaldata source server160 to externalapplication host platform140. For instance, the orchestration message received from externaldata source server160 may identify the user account and/or other details corresponding to the user ofclient computing device130, and the one or more commands generated bydata hub platform150 and sent bydata hub platform150 to externaldata source server160 may identify this user account, the target server(s) for the data transfer (e.g., external application host platform140) associated with the user account, and/or other information associated with the data sharing.
Atstep212, clientauthentication computing platform110 may initiate a transfer of internal information to externalapplication host platform140. For example, atstep212, after sending the orchestration message directing the data hub platform (e.g., data hub platform150) to initiate the validated data transfer with the external application host platform (e.g., external application host platform140), clientauthentication computing platform110 may initiate a transfer of internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140).
In some embodiments, a first portion of the internal information associated with the user of the first client computing device may be maintained on an account portal computing platform. In addition, initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform may include: generating at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform; and sending, via the communication interface, to the account portal computing platform, the at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform. For example, a first portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) may be maintained on an account portal computing platform (e.g., account portal computing platform120). In addition, in initiating the transfer of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140) atstep212, clientauthentication computing platform110 may generate at least one command directing the account portal computing platform (e.g., account portal computing platform120) to send the first portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140). Then, clientauthentication computing platform110 may send, via the communication interface (e.g., communication interface113), to the account portal computing platform (e.g., account portal computing platform120), the at least one command directing the account portal computing platform (e.g., account portal computing platform120) to send the first portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140).
In some embodiments, a second portion of the internal information associated with the user of the first client computing device may be maintained on enterprise server infrastructure. In addition, initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform may include: generating at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform; and sending, via the communication interface, to the enterprise server infrastructure, the at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform. For example, a second portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) may be maintained on enterprise server infrastructure (e.g., enterprise server infrastructure125). In addition, in initiating the transfer of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140) atstep212, clientauthentication computing platform110 may generate at least one command directing the enterprise server infrastructure (e.g., enterprise server infrastructure125) to send the second portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140). Then, clientauthentication computing platform110 may send, via the communication interface (e.g., communication interface113), to the enterprise server infrastructure (e.g., enterprise server infrastructure125), the at least one command directing the enterprise server infrastructure (e.g., enterprise server infrastructure125) to send the second portion of the internal information associated with the user of the first client computing device (e.g., client computing device130) to the external application host platform (e.g., external application host platform140).
In some embodiments, the internal information associated with the user of the first client computing device may include entity verification data attesting to successful authentication of the user of the first client computing device to the first user account by the computing platform. For example, the internal information (which may, e.g., be transferred to external application host platform140) associated with the user of the first client computing device (e.g., client computing device130) may include entity verification data attesting to successful authentication of the user of the first client computing device (e.g., client computing device130) to the first user account by the computing platform (e.g., client authentication computing platform110). Such internal information may, for instance, be generated and/or sent by clientauthentication computing platform110 to externalapplication host platform140 based on successfully authenticating the user ofclient computing device130 at step207. In addition, this information may, for instance, include a registered and/or validated name of a client associated with the user account, a unique customer identifier associated with the user account (e.g., an account number, a social security number, or the like), and/or other information.
In some embodiments, the internal information associated with the user of the first client computing device may include registered contact information associated with the user of the first client computing device. For example, the internal information (which may, e.g., be transferred to external application host platform140) associated with the user of the first client computing device (e.g., client computing device130) may include registered contact information associated with the user of the first client computing device (e.g., client computing device130). Such internal information may, for instance, include a mobile telephone number associated with the user ofclient computing device130, an email address associated with the user ofclient computing device130, a mailing address associated with the user ofclient computing device130, and/or other information associated with the user of client computing device130 (which may, e.g., maintained by a financial institution operating client authentication computing platform110).
In some embodiments, the internal information associated with the user of the first client computing device may include account information associated with the user of the first client computing device. For example, the internal information (which may, e.g., be transferred to external application host platform140) associated with the user of the first client computing device (e.g., client computing device130) may include account information associated with the user of the first client computing device (e.g., client computing device130). Such account information may, for instance, include one or more account numbers associated with the user ofclient computing device130, account balance information associated with the user ofclient computing device130, and/or other information associated with one or more financial accounts maintained by a financial institution operating clientauthentication computing platform110 for the user ofclient computing device130.
In some embodiments, the internal information associated with the user of the first client computing device may include historical information associated with the user of the first client computing device. For example, the internal information (which may, e.g., be transferred to external application host platform140) associated with the user of the first client computing device (e.g., client computing device130) may include historical information associated with the user of the first client computing device (e.g., client computing device130). Such historical information may, for instance, include relationship history information associated with the user of client computing device130 (e.g., identifying how long the user ofclient computing device130 has been a customer of a financial institution operating client authentication computing platform110), credit history information associated with the user ofclient computing device130, transaction history information associated with the user ofclient computing device130, and/or other information associated with the user ofclient computing device130.
In some embodiments, the internal information associated with the user of the first client computing device may include timing information associated with the user of the first client computing device. For example, the internal information (which may, e.g., be transferred to external application host platform140) associated with the user of the first client computing device (e.g., client computing device130) may include timing information associated with the user of the first client computing device (e.g., client computing device130). Such timing information may, for instance, include information identifying how recently the user ofclient computing device130 last updated their account information and/or contact information, one or more confidence scores identifying a predicted accuracy of the internal information based on how recently the user ofclient computing device130 last updated their account information and/or contact information, and/or other information associated with the user ofclient computing device130.
Referring toFIG. 2D, atstep213, clientauthentication computing platform110 may update a subscription database. For example, atstep213, after sending the orchestration message directing the data hub platform (e.g., data hub platform150) to initiate the validated data transfer with the external application host platform (e.g., external application host platform140), clientauthentication computing platform110 may update a subscription database to indicate that user-specific data associated with the first user account has been shared with the external application host platform (e.g., external application host platform140). The subscription database may, for instance, be maintained by one or more of clientauthentication computing platform110, accountportal computing platform120, and/orenterprise server infrastructure125 and may link the user account with the a corresponding subscription account associated with externalapplication host platform140 and/or the third-party entity operating externalapplication host platform140.
In some embodiments, updating the subscription database to indicate that the user-specific data associated with the first user account has been shared with the external application host platform may cause an account portal computing platform to provide at least one subscription manager interface to the first client computing device. For example, by updating the subscription database to indicate that the user-specific data associated with the first user account has been shared with the external application host platform (e.g., external application host platform140) atstep213, clientauthentication computing platform110 may cause an account portal computing platform (e.g., account portal computing platform120) to provide at least one subscription manager interface to the first client computing device (e.g., client computing device130). Such a subscription manager interface may, for instance, include a list of active subscriptions associated with the first user account, including the new subscription associated with externalapplication host platform140. In some instances, in causing the account portal computing platform (e.g., account portal computing platform120) to provide at least one subscription manager interface to the first client computing device (e.g., client computing device130), clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a graphical user interface similar tographical user interface500, which is illustrated inFIG. 5. As seen inFIG. 5,graphical user interface500 may include text and/or other information associated with the subscription and the corresponding data sharing (e.g., “Your online banking account details are being shared with: {External Application} hosted by {Third Party Entity}.”) as well as one or more user-selectable controls allowing the user ofclient computing device130 to manage the subscription and the corresponding data sharing (e.g., “Click here for more information about what information is being shared. Click here to cancel sharing and revoke access.”).
In some embodiments, the at least one subscription manager interface provided to the first client computing device may include a user-selectable option to revoke access to the user-specific data associated with the first user account from the external application host platform. For example, the at least one subscription manager interface provided to the first client computing device (e.g., client computing device130) may include a user-selectable option to revoke access to the user-specific data associated with the first user account from the external application host platform (e.g., external application host platform140) as seen inFIG. 5. In some instances, in causing the account portal computing platform (e.g., account portal computing platform120) to provide at least one subscription manager interface to the first client computing device (e.g., client computing device130), and responsive to receiving a user selection of the user-selectable option to revoke access to the user-specific data associated with the first user account from the external application host platform (e.g., external application host platform140), clientauthentication computing platform110 may causeclient computing device130 to display and/or otherwise present a graphical user interface similar tographical user interface600, which is illustrated inFIG. 6. As seen inFIG. 6,graphical user interface600 may include text and/or other information associated with revoking the subscription and the corresponding data sharing (e.g., “You have selected to cancel sharing with {External Application} hosted by {Third Party Entity} and revoke access. If you proceed, you will no longer be able to use your online banking account with their services, and they will no longer have access to your online banking account information.”) as well as one or more user-selectable controls allowing the user ofclient computing device130 to proceed or cancel with revoking the subscription and the corresponding data sharing (e.g., “Cancel|Confirm|Help”).
Subsequently, clientauthentication computing platform110 may continue to receive and/or process other federated login requests received from externalapplication host platform140 and/or other authentication requests. For instance, atstep214, clientauthentication computing platform110 may receive a second federated login request from externalapplication host platform140. For example, atstep214, clientauthentication computing platform110 may receive, via the communication interface (e.g., communication interface113), from the external application host platform (e.g., external application host platform140), a second federated login request comprising second user identification information associated with a second user account.
Atstep215, clientauthentication computing platform110 may identify a host associated with the second user account. For example, atstep215, clientauthentication computing platform110 may determine that the second user account is hosted by a second organization different from a first organization that hosts the first user account. For instance, clientauthentication computing platform110 may determine that the second user account is hosted by a second financial institution different from a first financial institution which hosts the first user account and which operates clientauthentication computing platform110, accountportal computing platform120, and/orenterprise server infrastructure125.
Atstep216, clientauthentication computing platform110 may route the second federated login request (e.g., to the host associated with the second user account). For example, atstep216, based on determining that the second user account is hosted by the second organization different from the first organization that hosts the first user account, clientauthentication computing platform110 may route the second federated login request comprising the second user identification information associated with the second user account to an authentication server associated with the second organization via the data hub platform (e.g., data hub platform150). For instance, after receiving the second federated login request and determining that it should be processed by another bank, clientauthentication computing platform110 may route the second federated login request to the other bank's authentication server viadata hub platform150. In addition, clientauthentication computing platform110 may subsequently provide internal information that is associated with a user corresponding to the second user account and that is maintained by clientauthentication computing platform110, accountportal computing platform120, and/orenterprise server infrastructure125 to externalapplication host platform140 based on an authentication process completed by the other bank's authentication server and/or based on requests and/or other messages received from the other bank's authentication server and/ordata hub platform150.
FIG. 7 depicts an illustrative method for utilizing federated user identifiers to enable secure information sharing in accordance with one or more example embodiments. Referring toFIG. 7, atstep705, a computing platform having at least one processor, a communication interface, and memory may receive, via the communication interface, from an external application host platform, a first federated login request comprising first user identification information associated with a first user account. At step710, based on receiving the first federated login request comprising the first user identification information associated with the first user account, the computing platform may send, via the communication interface, to a first client computing device linked to the first user account, a first push notification prompting a user of the first client computing device to authenticate. Atstep715, the computing platform may authenticate the user of the first client computing device to the first user account. Atstep720, based on authenticating the user of the first client computing device to the first user account, the computing platform may generate an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform. Atstep725, the computing platform may send, via the communication interface, to the data hub platform, the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform. In addition, by sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, the computing platform may cause the data hub platform to initiate a transfer of external information associated with the user of the first client computing device and maintained on at least one external data source server from the at least one external data source server to the external application host platform.
One or more aspects of the disclosure may be embodied in computer-usable data or computer-executable instructions, such as in one or more program modules, executed by one or more computers or other devices to perform the operations described herein. Generally, program modules include routines, programs, objects, components, data structures, and the like that perform particular tasks or implement particular abstract data types when executed by one or more processors in a computer or other data processing device. The computer-executable instructions may be stored as computer-readable instructions on a computer-readable medium such as a hard disk, optical disk, removable storage media, solid-state memory, RAM, and the like. The functionality of the program modules may be combined or distributed as desired in various embodiments. In addition, the functionality may be embodied in whole or in part in firmware or hardware equivalents, such as integrated circuits, application-specific integrated circuits (ASICs), field programmable gate arrays (FPGA), and the like. Particular data structures may be used to more effectively implement one or more aspects of the disclosure, and such data structures are contemplated to be within the scope of computer executable instructions and computer-usable data described herein.
Various aspects described herein may be embodied as a method, an apparatus, or as one or more computer-readable media storing computer-executable instructions. Accordingly, those aspects may take the form of an entirely hardware embodiment, an entirely software embodiment, an entirely firmware embodiment, or an embodiment combining software, hardware, and firmware aspects in any combination. In addition, various signals representing data or events as described herein may be transferred between a source and a destination in the form of light or electromagnetic waves traveling through signal-conducting media such as metal wires, optical fibers, or wireless transmission media (e.g., air or space). In general, the one or more computer-readable media may be and/or include one or more non-transitory computer-readable media.
As described herein, the various methods and acts may be operative across one or more computing servers and one or more networks. The functionality may be distributed in any manner, or may be located in a single computing device (e.g., a server, a client computer, and the like). For example, in alternative embodiments, one or more of the computing platforms discussed above may be combined into a single computing platform, and the various functions of each computing platform may be performed by the single computing platform. In such arrangements, any and/or all of the above-discussed communications between computing platforms may correspond to data being accessed, moved, modified, updated, and/or otherwise used by the single computing platform. Additionally or alternatively, one or more of the computing platforms discussed above may be implemented in one or more virtual machines that are provided by one or more physical computing devices. In such arrangements, the various functions of each computing platform may be performed by the one or more virtual machines, and any and/or all of the above-discussed communications between computing platforms may correspond to data being accessed, moved, modified, updated, and/or otherwise used by the one or more virtual machines.
Aspects of the disclosure have been described in terms of illustrative embodiments thereof. Numerous other embodiments, modifications, and variations within the scope and spirit of the appended claims will occur to persons of ordinary skill in the art from a review of this disclosure. For example, one or more of the steps depicted in the illustrative figures may be performed in other than the recited order, and one or more depicted steps may be optional in accordance with aspects of the disclosure.

Claims (20)

What is claimed is:
1. A computing platform, comprising:
at least one processor;
a communication interface communicatively coupled to the at least one processor; and
memory storing computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
receive, via the communication interface, from an external application host platform, a first federated login request comprising first user identification information associated with a first user account;
based on receiving the first federated login request comprising the first user identification information associated with the first user account, send, via the communication interface, to a first client computing device linked to the first user account, a first push notification prompting a user of the first client computing device to authenticate;
authenticate the user of the first client computing device to the first user account;
based on authenticating the user of the first client computing device to the first user account, generate an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform;
send, via the communication interface, to the data hub platform, the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, wherein sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform causes the data hub platform to initiate a transfer of external information associated with the user of the first client computing device and maintained on at least one external data source server from the at least one external data source server to the external application host platform; and
after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, initiate a transfer of internal information associated with the user of the first client computing device to the external application host platform,
wherein a first portion of the internal information associated with the user of the first client computing device is maintained on an account portal computing platform, and
wherein initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform comprises:
generating at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform; and
sending, via the communication interface, to the account portal computing platform, the at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform.
2. The computing platform ofclaim 1, wherein sending the first push notification prompting the user of the first client computing device to authenticate causes the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a client portal hosted by the account portal computing platform.
3. The computing platform ofclaim 1, wherein sending the first push notification prompting the user of the first client computing device to authenticate causes the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a mobile application associated with a client portal hosted by the account portal computing platform.
4. The computing platform ofclaim 1, wherein authenticating the user of the first client computing device to the first user account comprises validating one or more of a username received from the user of the first client computing device, a password received from the user of the first client computing device, a one-time passcode received from the user of the first client computing device, biometric input received from the user of the first client computing device, or security question input received from the user of the first client computing device.
5. The computing platform ofclaim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
prior to generating the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, send, via the communication interface, to the first client computing device linked to the first user account, a second push notification prompting the user of the first client computing device to consent to user-specific information being shared with the external application host platform.
6. The computing platform ofclaim 1,
wherein a second portion of the internal information associated with the user of the first client computing device is maintained on enterprise server infrastructure, and
wherein initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform comprises:
generating at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform; and
sending, via the communication interface, to the enterprise server infrastructure, the at least one command directing the enterprise server infrastructure to send the second portion of the internal information associated with the user of the first client computing device to the external application host platform.
7. The computing platform ofclaim 1, wherein the internal information associated with the user of the first client computing device comprises entity verification data attesting to successful authentication of the user of the first client computing device to the first user account by the computing platform.
8. The computing platform ofclaim 1, wherein the internal information associated with the user of the first client computing device comprises registered contact information associated with the user of the first client computing device.
9. The computing platform ofclaim 1, wherein the internal information associated with the user of the first client computing device comprises account information associated with the user of the first client computing device.
10. The computing platform ofclaim 1, wherein the internal information associated with the user of the first client computing device comprises historical information associated with the user of the first client computing device.
11. The computing platform ofclaim 1, wherein the internal information associated with the user of the first client computing device comprises timing information associated with the user of the first client computing device.
12. The computing platform ofclaim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, update a subscription database to indicate that user-specific data associated with the first user account has been shared with the external application host platform.
13. The computing platform ofclaim 12, wherein updating the subscription database to indicate that the user-specific data associated with the first user account has been shared with the external application host platform causes the account portal computing platform to provide at least one subscription manager interface to the first client computing device.
14. The computing platform ofclaim 13, wherein the at least one subscription manager interface provided to the first client computing device comprises a user-selectable option to revoke access to the user-specific data associated with the first user account from the external application host platform.
15. The computing platform ofclaim 1, wherein the memory stores additional computer-readable instructions that, when executed by the at least one processor, cause the computing platform to:
receive, via the communication interface, from the external application host platform, a second federated login request comprising second user identification information associated with a second user account;
determine that the second user account is hosted by a second organization different from a first organization that hosts the first user account; and
based on determining that the second user account is hosted by the second organization different from the first organization that hosts the first user account, route the second federated login request comprising the second user identification information associated with the second user account to an authentication server associated with the second organization via the data hub platform.
16. A method, comprising:
at a computing platform comprising at least one processor, a communication interface, and memory:
receiving, by the at least one processor, via the communication interface, from an external application host platform, a first federated login request comprising first user identification information associated with a first user account;
based on receiving the first federated login request comprising the first user identification information associated with the first user account, sending, by the at least one processor, via the communication interface, to a first client computing device linked to the first user account, a first push notification prompting a user of the first client computing device to authenticate;
authenticating, by the at least one processor, the user of the first client computing device to the first user account;
based on authenticating the user of the first client computing device to the first user account, generating, by the at least one processor, an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform;
sending, by the at least one processor, via the communication interface, to the data hub platform, the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, wherein sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform causes the data hub platform to initiate a transfer of external information associated with the user of the first client computing device and maintained on at least one external data source server from the at least one external data source server to the external application host platform; and
after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, initiate a transfer of internal information associated with the user of the first client computing device to the external application host platform,
wherein a first portion of the internal information associated with the user of the first client computing device is maintained on an account portal computing platform, and
wherein initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform comprises:
generating at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform; and
sending, via the communication interface, to the account portal computing platform, the at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform.
17. The method ofclaim 16, wherein sending the first push notification prompting the user of the first client computing device to authenticate causes the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a mobile application associated with a client portal hosted by the account portal computing platform.
18. One or more non-transitory computer-readable media storing instructions that, when executed by a computing platform comprising at least one processor, a communication interface, and memory, cause the computing platform to:
receive, via the communication interface, from an external application host platform, a first federated login request comprising first user identification information associated with a first user account;
based on receiving the first federated login request comprising the first user identification information associated with the first user account, send, via the communication interface, to a first client computing device linked to the first user account, a first push notification prompting a user of the first client computing device to authenticate;
authenticate the user of the first client computing device to the first user account;
based on authenticating the user of the first client computing device to the first user account, generate an orchestration message directing a data hub platform to initiate a validated data transfer with the external application host platform;
send, via the communication interface, to the data hub platform, the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, wherein sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform causes the data hub platform to initiate a transfer of external information associated with the user of the first client computing device and maintained on at least one external data source server from the at least one external data source server to the external application host platform; and
after sending the orchestration message directing the data hub platform to initiate the validated data transfer with the external application host platform, initiate a transfer of internal information associated with the user of the first client computing device to the external application host platform,
wherein a first portion of the internal information associated with the user of the first client computing device is maintained on an account portal computing platform, and
wherein initiating the transfer of the internal information associated with the user of the first client computing device to the external application host platform comprises:
generating at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform; and
sending, via the communication interface, to the account portal computing platform, the at least one command directing the account portal computing platform to send the first portion of the internal information associated with the user of the first client computing device to the external application host platform.
19. The method ofclaim 16, wherein authenticating the user of the first client computing device to the first user account comprises validating one or more of a username received from the user of the first client computing device, a password received from the user of the first client computing device, a one-time passcode received from the user of the first client computing device, biometric input received from the user of the first client computing device, or security question input received from the user of the first client computing device.
20. The one or more non-transitory computer-readable media ofclaim 18, wherein sending the first push notification prompting the user of the first client computing device to authenticate causes the first client computing device linked to the first user account to present a notification prompting the user of the first client computing device to login to a mobile application associated with a client portal hosted by the account portal computing platform.
US16/210,1172018-12-052018-12-05Utilizing federated user identifiers to enable secure information sharingActive2039-01-17US11159510B2 (en)

Priority Applications (2)

Application NumberPriority DateFiling DateTitle
US16/210,117US11159510B2 (en)2018-12-052018-12-05Utilizing federated user identifiers to enable secure information sharing
US17/447,304US12355750B2 (en)2018-12-052021-09-10Utilizing federated user identifiers to enable secure information sharing

Applications Claiming Priority (1)

Application NumberPriority DateFiling DateTitle
US16/210,117US11159510B2 (en)2018-12-052018-12-05Utilizing federated user identifiers to enable secure information sharing

Related Child Applications (1)

Application NumberTitlePriority DateFiling Date
US17/447,304ContinuationUS12355750B2 (en)2018-12-052021-09-10Utilizing federated user identifiers to enable secure information sharing

Publications (2)

Publication NumberPublication Date
US20200186518A1 US20200186518A1 (en)2020-06-11
US11159510B2true US11159510B2 (en)2021-10-26

Family

ID=70971281

Family Applications (2)

Application NumberTitlePriority DateFiling Date
US16/210,117Active2039-01-17US11159510B2 (en)2018-12-052018-12-05Utilizing federated user identifiers to enable secure information sharing
US17/447,304Active2040-04-12US12355750B2 (en)2018-12-052021-09-10Utilizing federated user identifiers to enable secure information sharing

Family Applications After (1)

Application NumberTitlePriority DateFiling Date
US17/447,304Active2040-04-12US12355750B2 (en)2018-12-052021-09-10Utilizing federated user identifiers to enable secure information sharing

Country Status (1)

CountryLink
US (2)US11159510B2 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20220038451A1 (en)*2018-12-052022-02-03Bank Of America CorporationUtilizing Federated User Identifiers to Enable Secure Information Sharing
US11775623B2 (en)2018-12-052023-10-03Bank Of America CorporationProcessing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11790062B2 (en)2018-12-052023-10-17Bank Of America CorporationProcessing authentication requests to secured information systems based on machine-learned user behavior profiles
US11797661B2 (en)2018-12-052023-10-24Bank Of America CorporationDynamically generating activity prompts to build and refine machine learning authentication models
US20250202884A1 (en)*2023-12-192025-06-19Sap SeStorage layer abstraction for distributed, self-sovereign content sharing

Families Citing this family (9)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US10749970B1 (en)*2016-12-282020-08-18Wells Fargo Bank, N.A.Continuous task-based communication sessions
US10637845B2 (en)2017-07-212020-04-28International Business Machines CorporationPrivacy-aware ID gateway
US11113370B2 (en)*2018-12-052021-09-07Bank Of America CorporationProcessing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11120109B2 (en)2018-12-052021-09-14Bank Of America CorporationProcessing authentication requests to secured information systems based on machine-learned event profiles
US11431701B2 (en)*2020-08-182022-08-30Capital One Services, LlcComputer-based systems involving sharing session authentication and/or account details with a trusted party and methods of use thereof
US11062809B1 (en)2020-09-292021-07-13Textline, Inc.Secure messaging system with constrained user actions for ensured compliant transmission of sensitive information
US11792611B2 (en)2020-09-292023-10-17Textline, Inc.Secure messaging system with constrained user actions, including override, for ensured compliant transmission of sensitive information
US11552943B2 (en)*2020-11-132023-01-10Cyberark Software Ltd.Native remote access to target resources using secretless connections
JP2025520241A (en)*2022-06-142025-07-03ストライカー コーポレイション COMMUNICATION SYSTEM FOR A PATIENT SUPPORT DEVICE - Patent application

Citations (186)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20030177121A1 (en)*2002-03-182003-09-18Moona Sanjay K.Method of assessing an organization's network identity capability
US20060064502A1 (en)*2004-09-222006-03-23Transaxtions LlcUsing Popular IDs To Sign On Creating A Single ID for Access
US20060218630A1 (en)*2005-03-232006-09-28Sbc Knowledge Ventures L.P.Opt-in linking to a single sign-on account
US20070208744A1 (en)*2006-03-012007-09-06Oracle International CorporationFlexible Authentication Framework
US20070208746A1 (en)*2006-03-012007-09-06Oracle International CorporationSecure Search Performance Improvement
US20070220268A1 (en)*2006-03-012007-09-20Oracle International CorporationPropagating User Identities In A Secure Federated Search System
US20070283425A1 (en)*2006-03-012007-12-06Oracle International CorporationMinimum Lifespan Credentials for Crawling Data Repositories
US20070289024A1 (en)*2006-06-092007-12-13Microsoft Corporation Microsoft Patent GroupControlling access to computer resources using conditions specified for user accounts
US20080021997A1 (en)*2006-07-212008-01-24Hinton Heather MMethod and system for identity provider migration using federated single-sign-on operation
US20090089625A1 (en)*2007-08-022009-04-02Lakshmanan KannappanMethod and Apparatus for Multi-Domain Identity Interoperability and certification
US20090100136A1 (en)*2007-10-152009-04-16Sony Ericsson Mobile Communications AbIntelligent presence
US20090119763A1 (en)*2007-11-062009-05-07So-Hee ParkMethod and system for providing single sign-on service
US20090187974A1 (en)*2008-01-182009-07-23Atul TulshibagwalePush Artifact Binding For Communication In A Federated Identity System
US20090293108A1 (en)*2008-05-202009-11-26International Business Machines CorporationMethod and System for User Management of Authentication Tokens
US7647645B2 (en)2003-07-232010-01-12Omon Ayodele EdekiSystem and method for securing computer system against unauthorized access
US8079079B2 (en)2005-06-292011-12-13Microsoft CorporationMultimodal authentication
US20120233665A1 (en)2011-03-092012-09-13Ebay, Inc.Device reputation
US20120260322A1 (en)*2011-04-082012-10-11Microsoft CorporationFlexible authentication for online services with unreliable identity providers
US20120278872A1 (en)*2011-04-272012-11-01Woelfel John HaroldSystem and method of federated authentication with reverse proxy
US20120323686A1 (en)2011-06-202012-12-20Microsoft CorporationVirtual identity manager
US8346929B1 (en)*2003-08-182013-01-01Oracle America, Inc.System and method for generating secure Web service architectures using a Web Services security assessment methodology
US20130117831A1 (en)*2010-04-302013-05-09Lock Box Pty LtdMethod and system for enabling computer access
US8544072B1 (en)*2009-10-132013-09-24Google Inc.Single sign-on service
US8627438B1 (en)*2011-09-082014-01-07Amazon Technologies, Inc.Passwordless strong authentication using trusted devices
US20140020073A1 (en)*2012-07-132014-01-16Troy Jacob RondaMethods and systems for using derived credentials to authenticate a device across multiple platforms
US20140040993A1 (en)*2011-03-082014-02-06Telefonica, S.A.Method for providing authorized access to a service application in order to use a protected resource of an end user
US8677451B1 (en)*2010-06-222014-03-18Cellco PartnershipEnabling seamless access to a domain of an enterprise
US20140101055A1 (en)*2012-10-052014-04-10Jvl Ventures, LlcSystems, methods, and computer program products for managing remote transactions
US20140101723A1 (en)*2012-10-102014-04-10Adobe Systems IncorporatedExtensible configuration system to allow a website to authenticate users based on an authorization protocol
US20140250511A1 (en)*2011-03-212014-09-04Mocana CorporationSecure single sign-on for a group of wrapped applications on a computing device and runtime credential sharing
US20140337053A1 (en)*2013-03-152014-11-13Virtual Viewbox, Inc."Meaningful-Use"-Compliant, Single Login, Federated Patient Portal System and Methods
US20140337513A1 (en)*2013-05-132014-11-13BloomReach Inc.Cross platform user joining
US20150052587A1 (en)2013-08-192015-02-19Mastercard International IncorporatedSystem and method for graduated security in user authentication
US20150256337A1 (en)*2014-03-052015-09-10Qualcomm IncorporatedUsing end-user federated login to detect a breach in a key exchange encrypted channel
US9203829B1 (en)*2012-07-182015-12-01Google Inc.Unified user login
US20160092870A1 (en)*2014-09-292016-03-31The Toronto-Dominion BankSystems and methods for generating and administering mobile applications using pre-loaded tokens
US20160094546A1 (en)*2014-09-302016-03-31Citrix Systems, Inc.Fast smart card logon
US9396332B2 (en)2014-05-212016-07-19Microsoft Technology Licensing, LlcRisk assessment modeling
US9397990B1 (en)*2013-11-082016-07-19Google Inc.Methods and systems of generating and using authentication credentials for decentralized authorization in the cloud
US20160239649A1 (en)2015-02-132016-08-18Qualcomm IncorporatedContinuous authentication
US20160277481A1 (en)*2013-12-312016-09-22Tencent Technology (Shenzhen) Company LimitedData transferring method, device and system thereof
US9509688B1 (en)2013-03-132016-11-29EMC IP Holding Company LLCProviding malicious identity profiles from failed authentication attempts involving biometrics
US20160381080A1 (en)2015-06-292016-12-29Citrix Systems, Inc.Systems and methods for flexible, extensible authentication subsystem that enabled enhance security for applications
US9536072B2 (en)2015-04-092017-01-03Qualcomm IncorporatedMachine-learning behavioral analysis to detect device theft and unauthorized device usage
US20170041296A1 (en)*2015-08-052017-02-09Intralinks, Inc.Systems and methods of secure data exchange
US20170048252A1 (en)*2015-08-142017-02-16Oracle International CorporationDiscovery of federated logins
US20170078225A1 (en)*2015-09-162017-03-16Verizon Patent And Licensing Inc.Content inference engine based on user behavior
US9628491B1 (en)*2016-01-252017-04-18International Business Machines CorporationSecure assertion attribute for a federated log in
US9635027B1 (en)*2016-09-022017-04-25Blink.Cloud LLCData transmission using dynamically rendered message content prestidigitation
US20170142080A1 (en)*2015-11-122017-05-18Facebook, Inc.Systems and methods for user account recovery
US20170149770A1 (en)*2015-11-242017-05-25International Business Machines CorporationUsing an out-of-band password to provide enhanced sso functionality
US9692740B2 (en)*2012-02-012017-06-27Amazon Technologies, Inc.Account management for network sites
US20170230344A1 (en)*2016-02-092017-08-10Xerox CorporationMethods and systems for broadcasting targeted advertisements to mobile device
US20170227995A1 (en)2016-02-092017-08-10The Trustees Of Princeton UniversityMethod and system for implicit authentication
US20170244757A1 (en)*2016-02-222017-08-24Bank Of America CorporationSystem for external validation of secure process transactions
US20170317993A1 (en)2016-04-282017-11-02Lenovo Enterprise Solutions (Singapore) Pte. Ltd.User authentication based on tracked activity
US20170331816A1 (en)2016-05-122017-11-16Bank Of America CorporationPreventing Unauthorized Access to Secured Information Systems Using Multi-Device Authentication Techniques
US20170346821A1 (en)*2016-05-262017-11-30Dropbox, Inc.Identifying accounts having shared credentials
US20180007553A1 (en)2014-08-192018-01-04Zighra Inc.System And Method For Implicit Authentication
US20180020009A1 (en)*2015-09-092018-01-18Tencent Technology (Shenzhen) Company LimitedMethod and system for implementing verification within data transfer
US20180063122A1 (en)*2016-08-302018-03-01International Business Machines CorporationIdentification federation based single sign-on
US20180077568A1 (en)*2016-09-092018-03-15Dell Products L.P.Enabling remote access to a service controller having a factory-installed unique default password
US20180131685A1 (en)*2016-11-042018-05-10Netskope, Inc.Non-intrusive security enforcement for federated single sign-on (sso)
US20180139199A1 (en)*2016-11-172018-05-17Adp, LlcSelective authentication system
US20180167816A1 (en)2015-01-132018-06-14Collateral Opportunities, LlcSystem and method for preventing unauthorized access to restricted computer systems
US20180164959A1 (en)*2016-12-142018-06-14Microsoft Technology Licensing, LlcPersonalized adaptive task framework for user life events
US20180183586A1 (en)*2016-12-282018-06-28Intel CorporationAssigning user identity awareness to a cryptographic key
US20180234464A1 (en)2017-02-152018-08-16Microsoft Technology Licensing, LlcBrokered authentication with risk sharing
US20180249285A1 (en)2014-11-202018-08-30At&T Intellectual Property I, L.P.Smart machine to machine behavior tracking
US20180249292A1 (en)2016-03-232018-08-30Fedex Corporate Services, Inc.Methods, apparatus, and systems for enhanced multi-radio container node elements used in a wireless node network
US20180255060A1 (en)2016-03-282018-09-06Zscaler, Inc.Service driven split tunneling of mobile network traffic
US20180253718A1 (en)2015-08-202018-09-06Omnyway, Inc.Methods and systems for performing secure mobile payment and non-payment transactions with integrated loyalty, rewards, and promotions
US20180251132A1 (en)2008-07-022018-09-06Michael PhelanDriver authentication system and method for monitoring and controlling vehicle usage
US20180255456A1 (en)2017-03-032018-09-06Verizon Patent And Licensing Inc.Network-based device registration for content distribution platforms
US20180253682A1 (en)2017-03-012018-09-06Cvs Pharmacy, Inc.Intelligent Pre-Processing and Fulfillment of Mixed Orders
US20180255084A1 (en)2017-03-022018-09-06Crypteia Networks S.A.Systems and methods for behavioral cluster-based network threat detection
US20180253840A1 (en)2017-03-062018-09-06Bao TranSmart mirror
US20180254101A1 (en)2017-03-012018-09-06Ayasdi, Inc.Healthcare provider claims denials prevention systems and methods
US20180253713A1 (en)2013-09-022018-09-06Paypal, Inc.Optimized multiple digital wallet presentation
US20180255000A1 (en)2017-03-032018-09-06Bank Of America CorporationComputerized system for providing resource distribution channels based on predicting future resource distributions
US20180255422A1 (en)2017-03-022018-09-06Blackberry LimitedMethod and system for wakeup trigger by out-of-band communication
US20180260743A1 (en)2000-06-092018-09-13Airport AmericaAutomated internet based interactive travel planning and management system
US20180262909A1 (en)2013-11-012018-09-13Rivetz Corp.Determining Identity Of Individuals Using Authenticators
US20180262597A1 (en)2017-03-082018-09-13Citrix Systems, Inc.Universal quality of service for internet of things devices
US20180261060A1 (en)2016-08-122018-09-13Ring Inc.Parcel theft deterrence for a/v recording and communication devices
US20180260384A1 (en)2012-04-202018-09-13Maluuba Inc.Conversational agent
US20180262810A1 (en)2010-07-122018-09-13Time Warner Cable Enterprises LlcApparatus and methods for content management and account linking across multiple content delivery networks
US20180262529A1 (en)2015-12-282018-09-13Amazon Technologies, Inc.Honeypot computing services that include simulated computing resources
US20180262388A1 (en)2006-09-252018-09-13Weaved, Inc.Remote device deployment
US20180262620A1 (en)2014-03-142018-09-13Twilio, Inc.System and method for a work distribution service
US20180261126A1 (en)2014-03-132018-09-13Truinject Corp.Automated detection of performance characteristics in an injection training system
US20180260641A1 (en)2017-03-072018-09-13Wipro LimitedMethod and a System for Detecting Drowsiness State of a Vehicle User
US20180260553A1 (en)2013-05-132018-09-13Veridium Ip LimitedSystem and method for authorizing access to access-controlled environments
US20180268944A1 (en)2017-03-202018-09-20Ramkrishna PrakashSystem, apparatus and method for management of health and wellness information, and management of transactions using same
US20180268632A1 (en)2015-05-292018-09-20Google LlcSystems and Methods for Anticipatory Locking and Unlocking of a Smart-Sensor Door Lock
US20180270549A1 (en)2016-06-232018-09-203M Innovative Properties CompanyPersonal protective equipment (ppe) with analytical stream processing for safety event detection
US20180268408A1 (en)2017-03-202018-09-20Square, Inc.Configuring Verification Information At Point-of-Sale Devices
US20180264347A1 (en)2016-05-022018-09-20Bao TranSmart device
US20180268818A1 (en)2017-03-202018-09-20Ebay Inc.Detection of mission change in conversation
US20180270608A1 (en)2017-03-172018-09-20SCRRD, Inc.Wireless Device Detection, Tracking, and Authentication Platform and Techniques
US20180270276A9 (en)2014-10-082018-09-20Google Inc.Network-assisted fabric pairing
US20180268015A1 (en)2015-09-022018-09-20Sasha SugaberryMethod and apparatus for locating errors in documents via database queries, similarity-based information retrieval and modeling the errors for error resolution
US20180268691A1 (en)2017-03-172018-09-20At&T Intellectual Property I, L.P.Vehicle alert system using mobile location information
US20180269554A1 (en)2013-02-042018-09-20Ubiquiti Networks, Inc.Coaxial rf dual-polarized waveguide filter and method
US20180270612A1 (en)2017-03-172018-09-20SCRRD, Inc.Wireless Device Detection, Tracking, and Authentication Platform and Techniques
US20180269927A1 (en)2015-09-162018-09-20At&T Intellectual Property I, L.P.Method and apparatus for use with a radio distributed antenna system having an out-of-band reference signal
US20180268674A1 (en)2017-03-202018-09-20Ring Inc.Dynamic Identification of Threat Level Associated With a Person Using an Audio/Video Recording and Communication Device
US20180275765A1 (en)2013-11-182018-09-27Amazon Technologies, Inc.Account management services for load balancers
US20180276710A1 (en)2017-03-172018-09-27Edatanetworks Inc.Artificial Intelligence Engine Incenting Merchant Transaction With Consumer Affinity
US20180278496A1 (en)2017-03-232018-09-27Cisco Technology, Inc.Predicting Application And Network Performance
US20180278597A1 (en)2006-10-202018-09-27Time Warner Cable Enterprises LlcDownloadable security and protection methods and apparatus
US20180276261A1 (en)2014-05-302018-09-27Georgetown UniversityProcess and Framework For Facilitating Information Sharing Using a Distributed Hypergraph
US20180274876A1 (en)2013-04-012018-09-27Yardarm Technologies, Inc.Telematics sensors and camera activation in connection with firearm activity
US20180276205A1 (en)2015-02-232018-09-27D2L CorporationSystems and methods for motivation-based course selection
US20180276041A1 (en)2017-03-212018-09-27Oracle International CorporationDynamic dispatching of workloads spanning heterogeneous services
US20180278648A1 (en)2017-03-222018-09-27Symantec CorporationSystems and methods for enforcing dynamic network security policies
US20180278740A1 (en)2017-03-272018-09-27Samsung Electronics Co., Ltd.Electronic device and method of executing function of electronic device
US20180276495A1 (en)2017-03-222018-09-27Ebay Inc.Visual aspect localization presentation
US20180302418A1 (en)2017-04-122018-10-18Cybersecurity Defense Solutions, LlcMethod and system for detection and interference of network reconnaissance
US20180301149A1 (en)2017-04-172018-10-18Essential Products, Inc.Voice setup instructions
US20180302285A1 (en)2017-04-172018-10-18Essential Products, Inc.Troubleshooting voice-enabled home setup
US20180301148A1 (en)2017-04-172018-10-18Essential Products, Inc.Connecting assistant device to devices
US20180302362A1 (en)2017-04-142018-10-18International Business Machines CorporationMobile device input language suggestion based on message receiver's environment
US20180302425A1 (en)2017-04-172018-10-18Splunk Inc.Detecting fraud by correlating user behavior biometrics with other data sources
US20180302420A1 (en)2013-03-152018-10-18CyberSecure IPS, LLCCable assembly
US20180302423A1 (en)2015-08-312018-10-18Splunk Inc.Network security anomaly and threat detection using rarity scoring
US20180307908A1 (en)2017-04-212018-10-25Walmart Apollo, LlcVirtual reality appliance management user interface
US20180307303A1 (en)2017-04-192018-10-25Magic Leap, Inc.Multimodal task execution and text editing for a wearable system
US20180310159A1 (en)2017-04-242018-10-25Rapidsos, Inc.Modular emergency communication flow management system
US20180308473A1 (en)2015-09-022018-10-25True Image Interactive, Inc.Intelligent virtual assistant systems and related methods
US20180309752A1 (en)*2017-04-202018-10-25Adp, LlcEnhanced security authentication system
US20180307399A1 (en)2017-04-202018-10-25Adobe Systems IncorporatedDynamic Thumbnails
US20180308100A1 (en)2017-04-192018-10-25Risto HaukiojaSystem and method of client recognition for service provider transactions
US20180308073A1 (en)2017-04-202018-10-25Bank Of America CorporationComputerized system for resource deficiency triggered dynamic resource transfer
US20180315499A1 (en)2017-04-282018-11-01Better Therapeutics LlcSystem, methods, and apparatuses for managing data for artificial intelligence software and mobile applications in digital health therapeutics
US20180316852A1 (en)2017-05-012018-11-01Ricoh Company, Ltd.Guided image capture user interface
US20180315110A1 (en)2012-05-082018-11-01[24]7.ai, Inc.Method and Apparatus for Enhanced In-Store Retail Experience Using Location Awareness
US20180317146A1 (en)2014-01-282018-11-01Openet Telecom Ltd.System and Method for Performing Network Selection
US20180314689A1 (en)2015-12-222018-11-01Sri InternationalMulti-lingual virtual personal assistant
US20180321672A1 (en)2016-05-092018-11-08StrongForce IoT Portfolio 2016, LLCMethods and systems for a data marketplace in an industrial internet of things environment
US20180322419A1 (en)2017-05-082018-11-08Centurylink Intellectual Property LlcModel Driven Modular Artificial Intelligence Learning Framework
US20180321185A1 (en)2017-05-022018-11-08Centaur Analytics, Inc.Wireless sensor devices for post-harvest crop quality and pest management
US20180322961A1 (en)2017-05-052018-11-08Canary Speech, LLCMedical assessment based on voice
US20180322879A1 (en)2016-12-302018-11-08Google LlcMultimodal transmission of packetized data
US20180330248A1 (en)2017-05-122018-11-15Adobe Systems IncorporatedContext-aware recommendation system for analysts
US20180329744A1 (en)2013-03-152018-11-15Advanced Elemental Technologies, Inc.Tamper resistant, identity-based, purposeful networking arrangement
US20180326291A1 (en)2016-05-022018-11-15Bao TranSmart device
US20180330000A1 (en)2016-04-082018-11-15Pearson Education, Inc.Personalized automatic content aggregation generation
US20180326150A1 (en)2016-05-022018-11-15Dexcom, Inc.System and method for providing alerts optimized for a user
US20180330417A1 (en)2017-05-152018-11-15Wippy, LLCSystems, methods, and devices for dynamic used vehicle marketing, dealer matching, and extended sale period transactions platform
US20180332132A1 (en)2017-05-152018-11-15Citrix Systems, Inc.Optimizing Web Applications Using a Rendering Engine
US20180329738A1 (en)2017-05-112018-11-15Vmware, Inc.Methods and systems that verify endpoints and external tasks in release-pipeline prior to execution
US20180330059A1 (en)2017-05-092018-11-15James Stewart BatesPatient treatment systems and methods
US20180337966A1 (en)2014-08-292018-11-22Box, Inc.Managing flow-based interactions with cloud-based shared content
US20180338330A1 (en)2017-05-222018-11-22Apple Inc.Proximity pairing based on signal strength
US20180336638A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Classifying rate factors in consumer profiles based on effects of the factors in high-dimensional models
US20180336639A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Using simulated consumer profiles to form calibration data for models
US20180336640A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Rate analyzer models and user interfaces
US20180336641A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Dimensionality reduction of multi-attribute consumer profiles
US20180338120A1 (en)2017-05-222018-11-22Amazon Technologies, Inc.Intelligent event summary, notifications, and video presentation for audio/video recording and communication devices
US20180335776A1 (en)2017-05-162018-11-22GM Global Technology Operations LLCSystems and methods for selecting driving modes in autonomous vehicles
US20180336905A1 (en)2017-05-162018-11-22Apple Inc.Far-field extension for digital assistant services
US20180359242A1 (en)*2017-06-132018-12-13Microsoft Technology Licensing, LlcCross Cloud Tenant Discovery
US20180359238A1 (en)*2017-06-132018-12-13Microsoft Technology Licensing, LlcCross Cloud Application Access
US20190020646A1 (en)*2017-07-122019-01-17Logmein, Inc.Federated login for password vault
US20190028462A1 (en)*2017-07-212019-01-24International Business Machines CorporationPrivacy-aware id gateway
US20190058706A1 (en)*2017-08-172019-02-21Citrix Systems, Inc.Extending Single-Sign-On to Relying Parties of Federated Logon Providers
US20190057386A1 (en)*2017-08-152019-02-21Mani FazeliApplication server for automated data transfers and associated methods
US20190158497A1 (en)*2017-11-202019-05-23Microsoft Technology Licensing, LlcSecuring Shared Components
US20190166485A1 (en)*2017-11-302019-05-30T-Mobile Usa, Inc.On-boarding entity for remote embedded universal integrated circuit card management
US20190166112A1 (en)*2017-11-242019-05-30Microsoft Technology Licensing, LlcProtecting against malicious discovery of account existence
US20190190704A1 (en)*2017-12-142019-06-20Mastercard International IncorporatedMethod and system for device level authentication in electronic transactions
US20190220583A1 (en)2016-10-032019-07-18Bioconnect Inc.Biometric identification platform
US20190245848A1 (en)*2018-02-082019-08-08Citrix Systems, Inc.Fast Smart Card Login
US20190332691A1 (en)*2018-04-302019-10-31Robert Dale BeadlesUniversal subscription and cryptocurrency payment management platforms and methods of use
US20190372968A1 (en)2018-05-302019-12-05Jumio CorporationMachine Learning for Document Authentication
US20190392162A1 (en)*2018-06-252019-12-26Merck Sharp & Dohme Corp.Dynamic consent enforcement for internet of things
US20200007530A1 (en)*2018-06-282020-01-02Oracle International CorporationSession Synchronization Across Multiple Devices in an Identity Cloud Service
US10601808B1 (en)*2014-06-302020-03-24Cox Communications, IncSingle sign-in across links/URLs while watching programs
US20200162454A1 (en)*2018-11-212020-05-21Citrix Systems, Inc.Self-federation in authentication systems
US20200186518A1 (en)2018-12-052020-06-11Bank Of America CorporationUtilizing Federated User Identifiers to Enable Secure Information Sharing
US20200184065A1 (en)2018-12-052020-06-11Bank Of America CorporationDynamically Generating Activity Prompts to Build and Refine Machine Learning Authentication Models
US20200184048A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Based on Machine-Learned User Behavior Profiles
US20200184049A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Based on Machine-Learned Event Profiles
US20200184051A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Using Machine-Learned User-Account Behavior Profiles
US20200235933A1 (en)*2017-05-062020-07-23Ilya Vladimirovich RedkokashinMethod For Transmitting Personal Information

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US3581414A (en)1969-06-181971-06-01Frank J CrawfordAthletic shoe{3 s safety traction-sole cleats
US20040181670A1 (en)*2003-03-102004-09-16Carl ThuneSystem and method for disguising data
US8010082B2 (en)*2004-10-202011-08-30Seven Networks, Inc.Flexible billing architecture
CN101480021B (en)*2005-03-292013-02-13捷讯研究有限公司System and method for personal identification number messaging
US8429630B2 (en)*2005-09-152013-04-23Ca, Inc.Globally distributed utility computing cloud
US8868540B2 (en)*2006-03-012014-10-21Oracle International CorporationMethod for suggesting web links and alternate terms for matching search queries
US8707451B2 (en)*2006-03-012014-04-22Oracle International CorporationSearch hit URL modification for secure application integration
US8881266B2 (en)*2008-11-132014-11-04Palo Alto Research Center IncorporatedEnterprise password reset
KR20120120955A (en)*2010-02-092012-11-02인터디지탈 패튼 홀딩스, 인크Method and apparatus for trusted federated identity
US8509431B2 (en)*2010-09-202013-08-13Interdigital Patent Holdings, Inc.Identity management on a wireless device
US9160865B2 (en)*2012-12-042015-10-13Bank Of America CorporationMobile platform as a delivery mechanism for security capabilities
US9741033B2 (en)*2012-12-312017-08-22Piyush BhatnagarSystem and method for point of sale payment data credentials management using out-of-band authentication
US10205717B1 (en)*2013-04-012019-02-12Amazon Technologies, Inc.Virtual machine logon federation
US9600675B2 (en)*2014-02-232017-03-21Aitheras, LlcSecure file transfer systems and methods
US9805185B2 (en)*2014-03-102017-10-31Cisco Technology, Inc.Disposition engine for single sign on (SSO) requests
US10135700B2 (en)*2014-03-102018-11-20Softphone SRLEnterprise application integration on client computing devices
EP2933981B1 (en)2014-04-172018-08-01Comptel OYMethod and system of user authentication
EP3283964B1 (en)*2015-04-152021-03-17BlackBerry LimitedMethod of operating a computing device, computing device and computer program
US20170068934A1 (en)*2015-09-042017-03-09Blackberry LimitedMethod of automatic scheduling, related devices and communication system
US9503452B1 (en)*2016-04-072016-11-22Automiti LlcSystem and method for identity recognition and affiliation of a user in a service transaction
US10153899B2 (en)*2016-11-182018-12-11Airwatch, LlcSystem for retrieval of email certificates from remote certificate repository
US20180270248A1 (en)*2017-03-142018-09-20International Business Machines CorporationSecure resource access based on psychometrics
US10503759B2 (en)*2017-04-122019-12-10Verizon Patent And Licensing Inc.System and method for providing media identifiers associated with enterprise messages
US11068567B2 (en)*2017-06-042021-07-20Harsha RamalingamSelf-owned authentication and identity framework
US10965683B1 (en)*2017-12-072021-03-30Wells Fargo Bank, N.A.Login and authentication methods and systems
US11113370B2 (en)2018-12-052021-09-07Bank Of America CorporationProcessing authentication requests to secured information systems using machine-learned user-account behavior profiles

Patent Citations (196)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20180260743A1 (en)2000-06-092018-09-13Airport AmericaAutomated internet based interactive travel planning and management system
US20030177121A1 (en)*2002-03-182003-09-18Moona Sanjay K.Method of assessing an organization's network identity capability
US7647645B2 (en)2003-07-232010-01-12Omon Ayodele EdekiSystem and method for securing computer system against unauthorized access
US8346929B1 (en)*2003-08-182013-01-01Oracle America, Inc.System and method for generating secure Web service architectures using a Web Services security assessment methodology
US20060064502A1 (en)*2004-09-222006-03-23Transaxtions LlcUsing Popular IDs To Sign On Creating A Single ID for Access
US20060218630A1 (en)*2005-03-232006-09-28Sbc Knowledge Ventures L.P.Opt-in linking to a single sign-on account
US8079079B2 (en)2005-06-292011-12-13Microsoft CorporationMultimodal authentication
US20070283425A1 (en)*2006-03-012007-12-06Oracle International CorporationMinimum Lifespan Credentials for Crawling Data Repositories
US20070208744A1 (en)*2006-03-012007-09-06Oracle International CorporationFlexible Authentication Framework
US20070208746A1 (en)*2006-03-012007-09-06Oracle International CorporationSecure Search Performance Improvement
US20070220268A1 (en)*2006-03-012007-09-20Oracle International CorporationPropagating User Identities In A Secure Federated Search System
US20070289024A1 (en)*2006-06-092007-12-13Microsoft Corporation Microsoft Patent GroupControlling access to computer resources using conditions specified for user accounts
US20080021997A1 (en)*2006-07-212008-01-24Hinton Heather MMethod and system for identity provider migration using federated single-sign-on operation
US20180262388A1 (en)2006-09-252018-09-13Weaved, Inc.Remote device deployment
US20180278597A1 (en)2006-10-202018-09-27Time Warner Cable Enterprises LlcDownloadable security and protection methods and apparatus
US20090089625A1 (en)*2007-08-022009-04-02Lakshmanan KannappanMethod and Apparatus for Multi-Domain Identity Interoperability and certification
US20090100136A1 (en)*2007-10-152009-04-16Sony Ericsson Mobile Communications AbIntelligent presence
US20090119763A1 (en)*2007-11-062009-05-07So-Hee ParkMethod and system for providing single sign-on service
US20090187974A1 (en)*2008-01-182009-07-23Atul TulshibagwalePush Artifact Binding For Communication In A Federated Identity System
US20090293108A1 (en)*2008-05-202009-11-26International Business Machines CorporationMethod and System for User Management of Authentication Tokens
US20180251132A1 (en)2008-07-022018-09-06Michael PhelanDriver authentication system and method for monitoring and controlling vehicle usage
US8544072B1 (en)*2009-10-132013-09-24Google Inc.Single sign-on service
US20130117831A1 (en)*2010-04-302013-05-09Lock Box Pty LtdMethod and system for enabling computer access
US8677451B1 (en)*2010-06-222014-03-18Cellco PartnershipEnabling seamless access to a domain of an enterprise
US20180262810A1 (en)2010-07-122018-09-13Time Warner Cable Enterprises LlcApparatus and methods for content management and account linking across multiple content delivery networks
US20140040993A1 (en)*2011-03-082014-02-06Telefonica, S.A.Method for providing authorized access to a service application in order to use a protected resource of an end user
US20120233665A1 (en)2011-03-092012-09-13Ebay, Inc.Device reputation
US20140250511A1 (en)*2011-03-212014-09-04Mocana CorporationSecure single sign-on for a group of wrapped applications on a computing device and runtime credential sharing
US20120260322A1 (en)*2011-04-082012-10-11Microsoft CorporationFlexible authentication for online services with unreliable identity providers
US20120278872A1 (en)*2011-04-272012-11-01Woelfel John HaroldSystem and method of federated authentication with reverse proxy
US20120323686A1 (en)2011-06-202012-12-20Microsoft CorporationVirtual identity manager
US8627438B1 (en)*2011-09-082014-01-07Amazon Technologies, Inc.Passwordless strong authentication using trusted devices
US9692740B2 (en)*2012-02-012017-06-27Amazon Technologies, Inc.Account management for network sites
US20180260384A1 (en)2012-04-202018-09-13Maluuba Inc.Conversational agent
US20180315110A1 (en)2012-05-082018-11-01[24]7.ai, Inc.Method and Apparatus for Enhanced In-Store Retail Experience Using Location Awareness
US20140020073A1 (en)*2012-07-132014-01-16Troy Jacob RondaMethods and systems for using derived credentials to authenticate a device across multiple platforms
US9203829B1 (en)*2012-07-182015-12-01Google Inc.Unified user login
US20140101055A1 (en)*2012-10-052014-04-10Jvl Ventures, LlcSystems, methods, and computer program products for managing remote transactions
US20140101723A1 (en)*2012-10-102014-04-10Adobe Systems IncorporatedExtensible configuration system to allow a website to authenticate users based on an authorization protocol
US20180269554A1 (en)2013-02-042018-09-20Ubiquiti Networks, Inc.Coaxial rf dual-polarized waveguide filter and method
US9509688B1 (en)2013-03-132016-11-29EMC IP Holding Company LLCProviding malicious identity profiles from failed authentication attempts involving biometrics
US20180329744A1 (en)2013-03-152018-11-15Advanced Elemental Technologies, Inc.Tamper resistant, identity-based, purposeful networking arrangement
US20180302420A1 (en)2013-03-152018-10-18CyberSecure IPS, LLCCable assembly
US20140337053A1 (en)*2013-03-152014-11-13Virtual Viewbox, Inc."Meaningful-Use"-Compliant, Single Login, Federated Patient Portal System and Methods
US20180274876A1 (en)2013-04-012018-09-27Yardarm Technologies, Inc.Telematics sensors and camera activation in connection with firearm activity
US20180260553A1 (en)2013-05-132018-09-13Veridium Ip LimitedSystem and method for authorizing access to access-controlled environments
US20140337513A1 (en)*2013-05-132014-11-13BloomReach Inc.Cross platform user joining
US20150052587A1 (en)2013-08-192015-02-19Mastercard International IncorporatedSystem and method for graduated security in user authentication
US20180253713A1 (en)2013-09-022018-09-06Paypal, Inc.Optimized multiple digital wallet presentation
US20180262909A1 (en)2013-11-012018-09-13Rivetz Corp.Determining Identity Of Individuals Using Authenticators
US9397990B1 (en)*2013-11-082016-07-19Google Inc.Methods and systems of generating and using authentication credentials for decentralized authorization in the cloud
US20180275765A1 (en)2013-11-182018-09-27Amazon Technologies, Inc.Account management services for load balancers
US20160277481A1 (en)*2013-12-312016-09-22Tencent Technology (Shenzhen) Company LimitedData transferring method, device and system thereof
US20180317146A1 (en)2014-01-282018-11-01Openet Telecom Ltd.System and Method for Performing Network Selection
US20150256337A1 (en)*2014-03-052015-09-10Qualcomm IncorporatedUsing end-user federated login to detect a breach in a key exchange encrypted channel
US20180261126A1 (en)2014-03-132018-09-13Truinject Corp.Automated detection of performance characteristics in an injection training system
US20180262620A1 (en)2014-03-142018-09-13Twilio, Inc.System and method for a work distribution service
US9396332B2 (en)2014-05-212016-07-19Microsoft Technology Licensing, LlcRisk assessment modeling
US20180276261A1 (en)2014-05-302018-09-27Georgetown UniversityProcess and Framework For Facilitating Information Sharing Using a Distributed Hypergraph
US10601808B1 (en)*2014-06-302020-03-24Cox Communications, IncSingle sign-in across links/URLs while watching programs
US20190098503A1 (en)2014-08-192019-03-28Zighra Inc.System And Method For Implicit Authentication
US20180007553A1 (en)2014-08-192018-01-04Zighra Inc.System And Method For Implicit Authentication
US20180337966A1 (en)2014-08-292018-11-22Box, Inc.Managing flow-based interactions with cloud-based shared content
US20160092870A1 (en)*2014-09-292016-03-31The Toronto-Dominion BankSystems and methods for generating and administering mobile applications using pre-loaded tokens
US20160094546A1 (en)*2014-09-302016-03-31Citrix Systems, Inc.Fast smart card logon
US20180270276A9 (en)2014-10-082018-09-20Google Inc.Network-assisted fabric pairing
US20180249285A1 (en)2014-11-202018-08-30At&T Intellectual Property I, L.P.Smart machine to machine behavior tracking
US10292051B2 (en)2015-01-132019-05-14Collateral Opportunities, LlcSystem and method for preventing unauthorized access to restricted computer systems
US20180167816A1 (en)2015-01-132018-06-14Collateral Opportunities, LlcSystem and method for preventing unauthorized access to restricted computer systems
US20160239649A1 (en)2015-02-132016-08-18Qualcomm IncorporatedContinuous authentication
US20180276205A1 (en)2015-02-232018-09-27D2L CorporationSystems and methods for motivation-based course selection
US9536072B2 (en)2015-04-092017-01-03Qualcomm IncorporatedMachine-learning behavioral analysis to detect device theft and unauthorized device usage
US20180268632A1 (en)2015-05-292018-09-20Google LlcSystems and Methods for Anticipatory Locking and Unlocking of a Smart-Sensor Door Lock
US20160381080A1 (en)2015-06-292016-12-29Citrix Systems, Inc.Systems and methods for flexible, extensible authentication subsystem that enabled enhance security for applications
US20170041296A1 (en)*2015-08-052017-02-09Intralinks, Inc.Systems and methods of secure data exchange
US20170048252A1 (en)*2015-08-142017-02-16Oracle International CorporationDiscovery of federated logins
US20180253718A1 (en)2015-08-202018-09-06Omnyway, Inc.Methods and systems for performing secure mobile payment and non-payment transactions with integrated loyalty, rewards, and promotions
US20180302423A1 (en)2015-08-312018-10-18Splunk Inc.Network security anomaly and threat detection using rarity scoring
US20180308473A1 (en)2015-09-022018-10-25True Image Interactive, Inc.Intelligent virtual assistant systems and related methods
US20180268015A1 (en)2015-09-022018-09-20Sasha SugaberryMethod and apparatus for locating errors in documents via database queries, similarity-based information retrieval and modeling the errors for error resolution
US20180020009A1 (en)*2015-09-092018-01-18Tencent Technology (Shenzhen) Company LimitedMethod and system for implementing verification within data transfer
US20170078225A1 (en)*2015-09-162017-03-16Verizon Patent And Licensing Inc.Content inference engine based on user behavior
US20180269927A1 (en)2015-09-162018-09-20At&T Intellectual Property I, L.P.Method and apparatus for use with a radio distributed antenna system having an out-of-band reference signal
US20170142080A1 (en)*2015-11-122017-05-18Facebook, Inc.Systems and methods for user account recovery
US10333927B2 (en)*2015-11-242019-06-25International Business Machines CorporationSimulated SSO functionality by means of multiple authentication procedures and out-of-band communications
US20170149770A1 (en)*2015-11-242017-05-25International Business Machines CorporationUsing an out-of-band password to provide enhanced sso functionality
US20180314689A1 (en)2015-12-222018-11-01Sri InternationalMulti-lingual virtual personal assistant
US20180262529A1 (en)2015-12-282018-09-13Amazon Technologies, Inc.Honeypot computing services that include simulated computing resources
US9628491B1 (en)*2016-01-252017-04-18International Business Machines CorporationSecure assertion attribute for a federated log in
US20170230344A1 (en)*2016-02-092017-08-10Xerox CorporationMethods and systems for broadcasting targeted advertisements to mobile device
US20170227995A1 (en)2016-02-092017-08-10The Trustees Of Princeton UniversityMethod and system for implicit authentication
US20170244757A1 (en)*2016-02-222017-08-24Bank Of America CorporationSystem for external validation of secure process transactions
US20180249292A1 (en)2016-03-232018-08-30Fedex Corporate Services, Inc.Methods, apparatus, and systems for enhanced multi-radio container node elements used in a wireless node network
US20180255060A1 (en)2016-03-282018-09-06Zscaler, Inc.Service driven split tunneling of mobile network traffic
US20180330000A1 (en)2016-04-082018-11-15Pearson Education, Inc.Personalized automatic content aggregation generation
US20170317993A1 (en)2016-04-282017-11-02Lenovo Enterprise Solutions (Singapore) Pte. Ltd.User authentication based on tracked activity
US20180326291A1 (en)2016-05-022018-11-15Bao TranSmart device
US20180264347A1 (en)2016-05-022018-09-20Bao TranSmart device
US20180326150A1 (en)2016-05-022018-11-15Dexcom, Inc.System and method for providing alerts optimized for a user
US20180321667A1 (en)2016-05-092018-11-08StrongForce IoT Portfolio 2016, LLCMethods and systems for data processing in an industrial internet of things data collection environment with large data sets
US20180321672A1 (en)2016-05-092018-11-08StrongForce IoT Portfolio 2016, LLCMethods and systems for a data marketplace in an industrial internet of things environment
US20180321666A1 (en)2016-05-092018-11-08StrongForce IoT Portfolio 2016, LLCMethods and systems for equipment monitoring in an internet of things mining environment
US20170331816A1 (en)2016-05-122017-11-16Bank Of America CorporationPreventing Unauthorized Access to Secured Information Systems Using Multi-Device Authentication Techniques
US20170346821A1 (en)*2016-05-262017-11-30Dropbox, Inc.Identifying accounts having shared credentials
US20180270549A1 (en)2016-06-232018-09-203M Innovative Properties CompanyPersonal protective equipment (ppe) with analytical stream processing for safety event detection
US20180261060A1 (en)2016-08-122018-09-13Ring Inc.Parcel theft deterrence for a/v recording and communication devices
US20180063122A1 (en)*2016-08-302018-03-01International Business Machines CorporationIdentification federation based single sign-on
US9635027B1 (en)*2016-09-022017-04-25Blink.Cloud LLCData transmission using dynamically rendered message content prestidigitation
US20180077568A1 (en)*2016-09-092018-03-15Dell Products L.P.Enabling remote access to a service controller having a factory-installed unique default password
US20190220583A1 (en)2016-10-032019-07-18Bioconnect Inc.Biometric identification platform
US20180131685A1 (en)*2016-11-042018-05-10Netskope, Inc.Non-intrusive security enforcement for federated single sign-on (sso)
US20180139199A1 (en)*2016-11-172018-05-17Adp, LlcSelective authentication system
US20180164959A1 (en)*2016-12-142018-06-14Microsoft Technology Licensing, LlcPersonalized adaptive task framework for user life events
US20180183586A1 (en)*2016-12-282018-06-28Intel CorporationAssigning user identity awareness to a cryptographic key
US20180322879A1 (en)2016-12-302018-11-08Google LlcMultimodal transmission of packetized data
US20180234464A1 (en)2017-02-152018-08-16Microsoft Technology Licensing, LlcBrokered authentication with risk sharing
US20180253682A1 (en)2017-03-012018-09-06Cvs Pharmacy, Inc.Intelligent Pre-Processing and Fulfillment of Mixed Orders
US20180254101A1 (en)2017-03-012018-09-06Ayasdi, Inc.Healthcare provider claims denials prevention systems and methods
US20180255422A1 (en)2017-03-022018-09-06Blackberry LimitedMethod and system for wakeup trigger by out-of-band communication
US20180255084A1 (en)2017-03-022018-09-06Crypteia Networks S.A.Systems and methods for behavioral cluster-based network threat detection
US20180255456A1 (en)2017-03-032018-09-06Verizon Patent And Licensing Inc.Network-based device registration for content distribution platforms
US20180255000A1 (en)2017-03-032018-09-06Bank Of America CorporationComputerized system for providing resource distribution channels based on predicting future resource distributions
US20180253840A1 (en)2017-03-062018-09-06Bao TranSmart mirror
US20180260641A1 (en)2017-03-072018-09-13Wipro LimitedMethod and a System for Detecting Drowsiness State of a Vehicle User
US20180262597A1 (en)2017-03-082018-09-13Citrix Systems, Inc.Universal quality of service for internet of things devices
US20180270612A1 (en)2017-03-172018-09-20SCRRD, Inc.Wireless Device Detection, Tracking, and Authentication Platform and Techniques
US20180276710A1 (en)2017-03-172018-09-27Edatanetworks Inc.Artificial Intelligence Engine Incenting Merchant Transaction With Consumer Affinity
US20180268691A1 (en)2017-03-172018-09-20At&T Intellectual Property I, L.P.Vehicle alert system using mobile location information
US20180270608A1 (en)2017-03-172018-09-20SCRRD, Inc.Wireless Device Detection, Tracking, and Authentication Platform and Techniques
US20180268818A1 (en)2017-03-202018-09-20Ebay Inc.Detection of mission change in conversation
US20180268674A1 (en)2017-03-202018-09-20Ring Inc.Dynamic Identification of Threat Level Associated With a Person Using an Audio/Video Recording and Communication Device
US20180268408A1 (en)2017-03-202018-09-20Square, Inc.Configuring Verification Information At Point-of-Sale Devices
US20180268944A1 (en)2017-03-202018-09-20Ramkrishna PrakashSystem, apparatus and method for management of health and wellness information, and management of transactions using same
US20180276041A1 (en)2017-03-212018-09-27Oracle International CorporationDynamic dispatching of workloads spanning heterogeneous services
US20180276495A1 (en)2017-03-222018-09-27Ebay Inc.Visual aspect localization presentation
US20180278648A1 (en)2017-03-222018-09-27Symantec CorporationSystems and methods for enforcing dynamic network security policies
US20180278496A1 (en)2017-03-232018-09-27Cisco Technology, Inc.Predicting Application And Network Performance
US20180278740A1 (en)2017-03-272018-09-27Samsung Electronics Co., Ltd.Electronic device and method of executing function of electronic device
US20180302418A1 (en)2017-04-122018-10-18Cybersecurity Defense Solutions, LlcMethod and system for detection and interference of network reconnaissance
US20180302362A1 (en)2017-04-142018-10-18International Business Machines CorporationMobile device input language suggestion based on message receiver's environment
US20180302363A1 (en)2017-04-142018-10-18International Business Machines CorporationMobile device input language suggestion based on message receiver's environment
US20180301149A1 (en)2017-04-172018-10-18Essential Products, Inc.Voice setup instructions
US20180301148A1 (en)2017-04-172018-10-18Essential Products, Inc.Connecting assistant device to devices
US20180302285A1 (en)2017-04-172018-10-18Essential Products, Inc.Troubleshooting voice-enabled home setup
US20180302425A1 (en)2017-04-172018-10-18Splunk Inc.Detecting fraud by correlating user behavior biometrics with other data sources
US20180302284A1 (en)2017-04-172018-10-18Essential Products, Inc.Troubleshooting voice-enabled home setup
US20180308100A1 (en)2017-04-192018-10-25Risto HaukiojaSystem and method of client recognition for service provider transactions
US20180307303A1 (en)2017-04-192018-10-25Magic Leap, Inc.Multimodal task execution and text editing for a wearable system
US20180309752A1 (en)*2017-04-202018-10-25Adp, LlcEnhanced security authentication system
US20180308073A1 (en)2017-04-202018-10-25Bank Of America CorporationComputerized system for resource deficiency triggered dynamic resource transfer
US20180307399A1 (en)2017-04-202018-10-25Adobe Systems IncorporatedDynamic Thumbnails
US20180307908A1 (en)2017-04-212018-10-25Walmart Apollo, LlcVirtual reality appliance management user interface
US20180307909A1 (en)2017-04-212018-10-25Walmart Apollo, LlcVirtual reality network management user interface
US20180310159A1 (en)2017-04-242018-10-25Rapidsos, Inc.Modular emergency communication flow management system
US20180315499A1 (en)2017-04-282018-11-01Better Therapeutics LlcSystem, methods, and apparatuses for managing data for artificial intelligence software and mobile applications in digital health therapeutics
US20180316852A1 (en)2017-05-012018-11-01Ricoh Company, Ltd.Guided image capture user interface
US20180320967A1 (en)2017-05-022018-11-08Centaur Analytics, Inc.Methods for post-harvest crop quality management
US20180321185A1 (en)2017-05-022018-11-08Centaur Analytics, Inc.Wireless sensor devices for post-harvest crop quality and pest management
US20180322436A1 (en)2017-05-022018-11-08Centaur Analytics, Inc.Methods for post-harvest crop pest management
US20180322961A1 (en)2017-05-052018-11-08Canary Speech, LLCMedical assessment based on voice
US20200235933A1 (en)*2017-05-062020-07-23Ilya Vladimirovich RedkokashinMethod For Transmitting Personal Information
US20180322419A1 (en)2017-05-082018-11-08Centurylink Intellectual Property LlcModel Driven Modular Artificial Intelligence Learning Framework
US20180330059A1 (en)2017-05-092018-11-15James Stewart BatesPatient treatment systems and methods
US20180329738A1 (en)2017-05-112018-11-15Vmware, Inc.Methods and systems that verify endpoints and external tasks in release-pipeline prior to execution
US20180330248A1 (en)2017-05-122018-11-15Adobe Systems IncorporatedContext-aware recommendation system for analysts
US20180330417A1 (en)2017-05-152018-11-15Wippy, LLCSystems, methods, and devices for dynamic used vehicle marketing, dealer matching, and extended sale period transactions platform
US20180332132A1 (en)2017-05-152018-11-15Citrix Systems, Inc.Optimizing Web Applications Using a Rendering Engine
US20180335776A1 (en)2017-05-162018-11-22GM Global Technology Operations LLCSystems and methods for selecting driving modes in autonomous vehicles
US20180336905A1 (en)2017-05-162018-11-22Apple Inc.Far-field extension for digital assistant services
US20180336640A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Rate analyzer models and user interfaces
US20180336641A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Dimensionality reduction of multi-attribute consumer profiles
US20180338120A1 (en)2017-05-222018-11-22Amazon Technologies, Inc.Intelligent event summary, notifications, and video presentation for audio/video recording and communication devices
US20180336638A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Classifying rate factors in consumer profiles based on effects of the factors in high-dimensional models
US20180338330A1 (en)2017-05-222018-11-22Apple Inc.Proximity pairing based on signal strength
US20180336639A1 (en)2017-05-222018-11-22Insurance Zebra Inc.Using simulated consumer profiles to form calibration data for models
US20180359242A1 (en)*2017-06-132018-12-13Microsoft Technology Licensing, LlcCross Cloud Tenant Discovery
US20180359238A1 (en)*2017-06-132018-12-13Microsoft Technology Licensing, LlcCross Cloud Application Access
US20190020646A1 (en)*2017-07-122019-01-17Logmein, Inc.Federated login for password vault
US20190028462A1 (en)*2017-07-212019-01-24International Business Machines CorporationPrivacy-aware id gateway
US20190057386A1 (en)*2017-08-152019-02-21Mani FazeliApplication server for automated data transfers and associated methods
US20190058706A1 (en)*2017-08-172019-02-21Citrix Systems, Inc.Extending Single-Sign-On to Relying Parties of Federated Logon Providers
US20190158497A1 (en)*2017-11-202019-05-23Microsoft Technology Licensing, LlcSecuring Shared Components
US20190166112A1 (en)*2017-11-242019-05-30Microsoft Technology Licensing, LlcProtecting against malicious discovery of account existence
US20190166485A1 (en)*2017-11-302019-05-30T-Mobile Usa, Inc.On-boarding entity for remote embedded universal integrated circuit card management
US20190190704A1 (en)*2017-12-142019-06-20Mastercard International IncorporatedMethod and system for device level authentication in electronic transactions
US20190245848A1 (en)*2018-02-082019-08-08Citrix Systems, Inc.Fast Smart Card Login
US20190332691A1 (en)*2018-04-302019-10-31Robert Dale BeadlesUniversal subscription and cryptocurrency payment management platforms and methods of use
US20190372968A1 (en)2018-05-302019-12-05Jumio CorporationMachine Learning for Document Authentication
US20190392162A1 (en)*2018-06-252019-12-26Merck Sharp & Dohme Corp.Dynamic consent enforcement for internet of things
US20200007530A1 (en)*2018-06-282020-01-02Oracle International CorporationSession Synchronization Across Multiple Devices in an Identity Cloud Service
US20200162454A1 (en)*2018-11-212020-05-21Citrix Systems, Inc.Self-federation in authentication systems
US20200186518A1 (en)2018-12-052020-06-11Bank Of America CorporationUtilizing Federated User Identifiers to Enable Secure Information Sharing
US20200184065A1 (en)2018-12-052020-06-11Bank Of America CorporationDynamically Generating Activity Prompts to Build and Refine Machine Learning Authentication Models
US20200184048A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Based on Machine-Learned User Behavior Profiles
US20200184049A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Based on Machine-Learned Event Profiles
US20200184051A1 (en)2018-12-052020-06-11Bank Of America CorporationProcessing Authentication Requests to Secured Information Systems Using Machine-Learned User-Account Behavior Profiles

Non-Patent Citations (9)

* Cited by examiner, † Cited by third party
Title
"Baseline Information Security Standard," University of Colorado Office of Information Security, revised Sep. 12, 2013, retrieved from https://www.cu.edu/ security/system-wide-baseline-security-standards, 28 pages.
Aug. 4, 2020 U.S. Non-Final Office Action—U.S. Appl. No. 16/210,028.
Dec. 1, 20201 U.S. Non-Final Office Action—U.S. Appl. No. 16/210,010.
Dec. 1, 20201 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,062.
Dec. 7, 2020 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,028.
Dec. 9, 2020 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,042.
Mar. 24, 2021 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,028.
May 4, 2021 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,010.
Nov. 2, 20203 U.S. Notice of Allowance and Fees Due—U.S. Appl. No. 16/210,092.

Cited By (6)

* Cited by examiner, † Cited by third party
Publication numberPriority datePublication dateAssigneeTitle
US20220038451A1 (en)*2018-12-052022-02-03Bank Of America CorporationUtilizing Federated User Identifiers to Enable Secure Information Sharing
US11775623B2 (en)2018-12-052023-10-03Bank Of America CorporationProcessing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11790062B2 (en)2018-12-052023-10-17Bank Of America CorporationProcessing authentication requests to secured information systems based on machine-learned user behavior profiles
US11797661B2 (en)2018-12-052023-10-24Bank Of America CorporationDynamically generating activity prompts to build and refine machine learning authentication models
US12355750B2 (en)*2018-12-052025-07-08Bank Of America CorporationUtilizing federated user identifiers to enable secure information sharing
US20250202884A1 (en)*2023-12-192025-06-19Sap SeStorage layer abstraction for distributed, self-sovereign content sharing

Also Published As

Publication numberPublication date
US20220038451A1 (en)2022-02-03
US12355750B2 (en)2025-07-08
US20200186518A1 (en)2020-06-11

Similar Documents

PublicationPublication DateTitle
US12355750B2 (en)Utilizing federated user identifiers to enable secure information sharing
US11869005B2 (en)System and method linking to accounts using credential-less authentication
US11797661B2 (en)Dynamically generating activity prompts to build and refine machine learning authentication models
US10305891B2 (en)Preventing unauthorized access to secured information systems using multi-device authentication techniques
US10091194B2 (en)Preventing unauthorized access to secured information systems using multi-device authentication techniques
US11113370B2 (en)Processing authentication requests to secured information systems using machine-learned user-account behavior profiles
US11775623B2 (en)Processing authentication requests to secured information systems using machine-learned user-account behavior profiles
US10057255B2 (en)Preventing unauthorized access to secured information systems using multi-device authentication techniques
US20170295159A1 (en)Authenticating Clients Using Tokens
US10158628B2 (en)Preventing unauthorized access to secured information systems based on contextual login information
US10148646B2 (en)Preventing unauthorized access to secured information systems using tokenized authentication techniques
US12120228B2 (en)Systems and methods using distributed ledgers to correct for missing one time passwords in event processing
US10057249B2 (en)Preventing unauthorized access to secured information systems using tokenized authentication techniques
US20180089679A1 (en)Partially completed resource triggering and completion system
US20170345001A1 (en)Failed resource usage monitor and remediation system
US10855686B2 (en)Preventing unauthorized access to secure information systems using multi-push authentication techniques
US11314850B2 (en)Preventing unauthorized access to secure information systems using advanced biometric authentication techniques
US10298575B2 (en)Multicomputer processing of an event authentication request with centralized event orchestration
US11956224B2 (en)Using machine-learning models to authenticate users and protect enterprise-managed information and resources
US20250104029A1 (en)System and Method for Accelerating Transfers Through Intermediaries
US20250097216A1 (en)Authentication process for facilitating secure access to voice-enabled applications
US10158629B2 (en)Preventing unauthorized access to secured information systems using multi-device authentication techniques
US20220405723A1 (en)Conducting Secure Fragmented Payment Transactions
US20220405730A1 (en)Conducting Secure Fragmented Payment Transactions

Legal Events

DateCodeTitleDescription
ASAssignment

Owner name:BANK OF AMERICA CORPORATION, NORTH CAROLINA

Free format text:ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:SHAH, HITESH;REEL/FRAME:047677/0463

Effective date:20181204

FEPPFee payment procedure

Free format text:ENTITY STATUS SET TO UNDISCOUNTED (ORIGINAL EVENT CODE: BIG.); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

STPPInformation on status: patent application and granting procedure in general

Free format text:NON FINAL ACTION MAILED

STPPInformation on status: patent application and granting procedure in general

Free format text:RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPPInformation on status: patent application and granting procedure in general

Free format text:NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPPInformation on status: patent application and granting procedure in general

Free format text:DOCKETED NEW CASE - READY FOR EXAMINATION

STPPInformation on status: patent application and granting procedure in general

Free format text:NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPPInformation on status: patent application and granting procedure in general

Free format text:DOCKETED NEW CASE - READY FOR EXAMINATION

STPPInformation on status: patent application and granting procedure in general

Free format text:NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPPInformation on status: patent application and granting procedure in general

Free format text:AWAITING TC RESP., ISSUE FEE NOT PAID

STPPInformation on status: patent application and granting procedure in general

Free format text:NOTICE OF ALLOWANCE MAILED -- APPLICATION RECEIVED IN OFFICE OF PUBLICATIONS

STPPInformation on status: patent application and granting procedure in general

Free format text:PUBLICATIONS -- ISSUE FEE PAYMENT VERIFIED

STCFInformation on status: patent grant

Free format text:PATENTED CASE

CCCertificate of correction
MAFPMaintenance fee payment

Free format text:PAYMENT OF MAINTENANCE FEE, 4TH YEAR, LARGE ENTITY (ORIGINAL EVENT CODE: M1551); ENTITY STATUS OF PATENT OWNER: LARGE ENTITY

Year of fee payment:4
[8]ページ先頭
©2009-2025 Movatter.jp